CRISC Certified in Risk and Information Systems Control – Question598

Who should be accountable for ensuring effective cybersecurity controls are established?

A.
Security management function
B. Enterprise risk function
C. Risk owner
D. IT management

Correct Answer: C