Corporate culture is often the greatest challenge to implementing an information security policy effectively. A culture that does not prioritize security, resists change, or lacks awareness about security risks can hinder policy enforcement. While other options such as cloud applications and dispersed staff introduce complexities, a supportive and informed corporate culture is essential to overcoming such obstacles and ensuring policy adherence. References: ISACA’s Information Security Management principles, CGEIT Review Manual.
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit