CISM Certified Information Security Manager – Question0201

Which of the following is MOST critical for an effective information security governance framework?

A.
Board members are committed to the information security program.
B. Information security policies are reviewed on a regular basis.
C. The information security program is continually monitored.
D. The CIO is accountable for the information security program.

Correct Answer: A