Which of the following are the MOST important individuals to include as members of an
information security steering committee?
A.
Direct reports to the chief information officer
B.
IT management and key business process owners
C.
Cross-section of end users and IT professionals
D.
Internal audit and corporate legal departments
Explanation:
Security steering committees provide a forum for management to express its opinion and take
some ownership in the decision making process. It is imperative that business process owners be
included in this process. None of the other choices includes input by business process owners.