Who will demonstrate leadership and commitment with respect to the information security management system?

A) Information System Auditor
B) Chief Information Security Officer
C) Top Management
D) Audit Committee
Correct Answer: Option C
Solution:

❌ Information System Auditor assesses compliance and effectiveness but does not lead or own the ISMS. Their role is independent and evaluative.
❌ Chief Information Security Officer (CISO) manages and implements the ISMS, and operates under the authority of top management.
✅ According to ISO/IEC 27001 and other governance frameworks, leadership and commitment for the Information Security Management System (ISMS) must come from top management. They are responsible for setting the direction, allocating resources, establishing policies, and ensuring continual improvement. Their involvement is critical for embedding security into the organization’s culture.
❌ Audit Committee oversees risk and compliance but does not directly lead or commit to the ISMS. Their role is governance, not operational leadership.
