Which of the following is an nformation security governance responsibility of the CISO?
A) Communicate policies and the program
B) Set security policy, procedures, programs and training for the organization
C) Brief the board, customers and the public
D) Implement policy, report security vulnerabilities and breaches

Question

Quizplus · Accepted Answer

The responsibility of setting security policy, procedures, programs and training for the organization falls under the purview of the CISO.

Answer: A 
 The CISO is responsible for communicating policies and the security program throughout the organization to ensure everyone is up to date about security protocols.

Option C is incorrect because briefing the board, customers and public is the responsibility of the CEO or spokesperson of the company.

Option D is incorrect because implementing policy, reporting security vulnerabilities and breaches, falls under the duty of security officers and IT teams.

Which of the Following Is an Nformation Security Governance Responsibility