Question 1118 - CISM Certified Information Security Manager

Who is responsible for raising awareness of the need for adequate funding for risk action plans?

A. Chief information officer (CIO)
B. Chief financial officer (CFO)
C. Information security manager
D. Business unit management

Correct Answer: C

Explanation:

Explanation:
The information security manager is responsible for raising awareness of the need for adequate funding for risk-related action plans. Even though the chief information officer (CIO), chief financial officer (CFO) and business unit management are involved in the final approval of fund expenditure, it is the information security manager who has the ultimate responsibility for raising awareness.

CISM Certified Information Security Manager

Tag: Question 1118

CISM Certified Information Security Manager – Question1118