CISM Certified Information Security Manager – Question1291

Which of the following provides the BEST indication that the information security program is in alignment with enterprise requirements?

A.
The security strategy is benchmarked with similar organizations.
B. The information security manager reports to the chief executive officer.
C. Security strategy objectives are defined in business terms.
D. An IT governance committee is in place.

Correct Answer: C