CISM Certified Information Security Manager – Question1035

In an organization where IT is critical to its business strategy and where there is a high level of operational dependence on IT, senior management commitment to security is BEST demonstrated by the:

A.
segregation of duties policy
B. size of the IT security function
C. reporting line of the chief information security officer (CISO)
D. existence of an IT steering committee

Correct Answer: D