🔥 3-day streak
ISACA CISM — Certified Information Security Manager96 / 121
Question 96 of 121

A newly appointed information security manager discovers that the organization's security program operates without a formal charter. Security decisions are frequently overturned by business unit leaders who claim security has no authority to mandate controls. To establish legitimate, enterprise-wide authority for the security function, what should the security manager do FIRST?

Reviewed for accuracy · Report an issueNext question