What is the MOST important factor in the successful implementation of an enterprise wide
information security program?
A.
Realistic budget estimates
B.
Security awareness
C.
Support of senior management
D.
Recalculation of the work factor
Explanation:
Without the support of senior management, an information security program has little chance of
survival. A company’s leadership group, more than any other group, will more successfully drive
the program. Their authoritative position in the company is a key factor. Budget approval, resource
commitments, and companywide participation also require the buy-in from senior management.
Senior management is responsible for providing an adequate budget and the necessary
resources. Security awareness is important, but not the most important factor. Recalculation of the
work factor is a part of risk management.