Which of the following would BEST enable a new information security manager to obtain senior management support for an information security governance program?
A.
Demonstrating the program's value to the organization
B.
Discussing governance programs found in similar organizations
C.
Providing the results of external audits
D.
Providing examples of information security incidents within the organization
The best way to obtain senior management support for an information security governance program is to demonstrate the program’s value to the organization, such as how it can help achieve business objectives, reduce operational risks, enhance resilience, and comply with regulations. Demonstrating the value of information security governance can help senior management understand the benefits and costs of the program, and motivate them to participate in the decision-making process. The other options, such as discussing governance programs in similar organizations, providing external audit results, or providing examples of incidents, may not be sufficient or persuasive enough to obtain senior management support, as they may not reflect the specific needs and goals of the organization. References:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit