CISM Certified Information Security Manager – Question0722

The MAIN purpose of documenting information security guidelines for use within a large, international organization is to:

A.
ensure that all business units have the same strategic security goals.
B. provide evidence for auditors that security practices are adequate.
C. explain the organization's preferred practices for security.
D. ensure that all business units implement identical security procedures.

Correct Answer: A