Who is responsible for initiating corrective measures and capabilities used when there are security violations? A. Information systems auditor B. Security administrator C. Management D. Data owners
Correct Answer: C
Explanation:
Management is responsible for protecting all assets that are directly or indirectly under their control.
They must ensure that employees understand their obligations to protect the company’s assets, and implement security in accordance with the company policy. Finally, management is responsible for initiating corrective actions when there are security violations. Source: HARE, Chris, Security management Practices CISSP Open Study Guide, version 1.0, april 1999.
Please disable your adblocker or whitelist this site!