An information security organization should PRIMARILY:

An information security organization should PRIMARILY:

An information security organization should PRIMARILY:

A.
support the business objectives of the company by providing security-related support services.

B.
be responsible for setting up and documenting the information security responsibilities of the
information security team members.

C.
ensure that the information security policies of the company are in line with global best
practices and standards.

D.
ensure that the information security expectations are conveyed to employees.

Explanation:

The information security organization is responsible for options B and D within an organization, but
they are not its primary mission. Reviewing and adopting appropriate standards (option C) is a
requirement. The primary objective of an information security organization is to ensure that
security supports the overall business objectives of the company.



Leave a Reply 0

Your email address will not be published. Required fields are marked *