The PRIMARY objective of a security steering group is to:
A . ensure information security covers all business functions.
B . ensure information security aligns with business goals.
C . raise information security awareness across the organization.
D . implement all decisions on security management across the organization.
Answer: B
Explanation:
The security steering group comprises senior management of key business functions and has the primary objective to align the security strategy with the business direction. Option A is incorrect because all business areas may not be required to be covered by information security; but, if they do, the main purpose of the steering committee would be alignment more so than coverage. While raising awareness is important, this goal would not be carried out by the committee itself. The steering committee may delegate part of the decision making to the information security manager; however, if it retains this authority, it is not the primary’ goal.
Latest CISM Dumps Valid Version with 1327 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund