PrepAway - Latest Free Exam Questions & Answers

Which of the following would be the MOST important goal of an information security governance program?

Which of the following would be the MOST important goal of an information security governance
program?

PrepAway - Latest Free Exam Questions & Answers

A.
Review of internal control mechanisms

B.
Effective involvement in business decision making

C.
Total elimination of risk factors

D.
Ensuring trust in data

Explanation:

The development of trust in the integrity of information among stakeholders should be the primary
goal of information security governance. Review of internal control mechanisms relates more to
auditing, while the total elimination of risk factors is not practical or possible. Proactive involvement
in business decision making implies that security needs dictate business needs when, in fact, just
the opposite is true. Involvement in decision making is important only to ensure business data
integrity so that data can be trusted.


Leave a Reply