Which of the following is NOT a responsibility of the information security manager (ISM) within an organization’s cybersecurity framework?
A. Allocating resources dedicated to the cybersecurity program
B. Supervising the entire life cycle of cybersecurity platforms
C. Developing a comprehensive framework of metrics and assurances to evaluate the effectiveness of controls
Answer: A
Explanation:
Allocating resources dedicated to the cybersecurity program typically falls to senior management or executive leadership rather than to the information security manager (ISM). The ISM's role is more focused on supervising the cybersecurity program, developing metrics, and ensuring the effectiveness of security controls.
Reference: ISO/IEC 27001:2013 – Outlines the responsibilities of the ISM, including the supervision of the ISMS and the development of metrics for evaluating control effectiveness, but does not typically include resource allocation.
NIST SP 800-53 – Discusses the roles and responsibilities within an organization’s security framework, delineating the management of resources as a responsibility of senior leadership rather than the ISM.