When an organization implements an information security governance framework, it is MOST important for executive leadership to have a direct role in: A. reviewing the information security policy directing the organization. B. developing technical key risk indicators (KRIs) for information security. C. implementing information security metrics for the organization. D. approving information security standards and procedures for the organization. Â Suggested Answer: A This question is in CISM exam For getting Certified Information Security Manager Certificate Disclaimers: The website is not related to, affiliated with, endorsed or authorized by ISACA. The website does not contain actual questions and answers from ISACA's Certification Exams. Trademarks, certification & product names are used for reference only and belong to ISACA.
Please login or Register to submit your answer