CISM Certified Information Security Manager – Question0967

Which of the following BEST indicates senior management support for an information security program?

A.
Detailed information security policies are established and regularly reviewed.
B. The information security manager meets regularly with the lines of business.
C. Key performance indicators (KPIs) are defined for the information security program.
D. Risk assessments are conducted frequently by the information security team.

Correct Answer: C