CISM Certified Information Security Manager – Question0608

Which of the following is the PRIMARY responsibility of the information security steering committee?

A.
Developing security polices aligned with the corporate and IT strategies
B. Reviewing business cases where benefits have not been realized
C. Identifying risks associated with new security initiatives
D. Developing and presenting business cases for security initiatives

Correct Answer: A