Skillset can help you prepare! Sign up for your free Skillset account and take the first steps towards your certification.
Where does accountability for the development of an information security policy reside?
The board of directors
The IS department
Senior management
The security administrator
The security committee
Normally, the designing of an information systems security policy is the accountability of top management or the board of directors. The IS department is responsible for the execution of the policy, having no authority in framing the policy. The security committee also functions within the broad security policy framed by the board of directors. The security administrator is responsible for implementing, monitoring and enforcing the security rules that management has established and authorized.
The answer should be management not the Board of Directors.EDIT....Responsibility of Developing belongs to the committee.....Approval belongs to Management. If you asked who was ultimately accountable for it - then MANAGEMENT is - but they do not think it up/develop it. Its board of directors responsibility to develop the Security policy with the help of different function heads and management is accountable and responsible for its effective implementation
Study thousands of practice questions that organized by skills and ranked by difficulty.
Create a tailored training plan based on the knowledge you already possess.
Know when you’re ready for the high-stakes exam. Have the confidence that you will pass on your first attempt.