Which of the following is responsible for legal and regulatory liability?
A.
Chief security officer (CSO)
B.
Chief legal counsel (CLC)
C.
Board and senior management
D.
Information security steering group
Explanation:
The board of directors and senior management are ultimately responsible for all that happens in the organization. The others are not individually liable for failures of security in the organization.
I agree with the answer. C