From an information security manager perspective, what is the immediate benefit of clearly- defined roles and responsibilities?
A.
Enhanced policy compliance
B.
Improved procedure flows
C.
Segregation of duties
D.
Better accountability
Explanation:
Without well-defined roles and responsibilities, there cannot be accountability. Choice A is incorrect because policy compliance requires adequately defined accountability first and therefore is a byproduct. Choice B is incorrect because people can be assigned to execute procedures that are not well designed. Choice C is incorrect because segregation of duties is not automatic, and roles may still include conflicting duties.