CISM Certified Information Security Manager – Question0961

The PRIMARY objective of security awareness is to:

A.
ensure that security policies are understood.
B. influence employee behavior.
C. ensure legal and regulatory compliance
D. notify of actions for noncompliance.

Correct Answer: B

Explanation:

Explanation:
It is most important that security-conscious behavior be encouraged among employees through training that influences expected responses to security incidents. Ensuring that policies are read and understood, giving employees fair warning of potential disciplinary action, or meeting legal and regulatory requirements is important but secondary.