Which of the following is the BEST method or technique to ensure the effective implementation of
an information security program?
A.
Obtain the support of the board of directors.
B.
Improve the content of the information security awareness program.
C.
Improve the employees’ knowledge of security policies.
D.
Implement logical access controls to the information systems.
Explanation:
It is extremely difficult to implement an information security program without the aid and support of
the board of directors. If they do not understand the importance of security to the achievement of
the business objectives, other measures will not be sufficient. Options B and (‘ are measures
proposed to ensure the efficiency of the information security program implementation, but are of
less significance than obtaining the aid and support of the board of directors. Option D is a
measure to secure the enterprise information, but by itself is not a measure to ensure the broader
effectiveness of an information security program.