CISM - Information Security Governance - Section 1.3

Define organisational structures, roles and responsibilities that support effective information security governance.

Define the roles of the CISO, steering committee, and security teams, and articulate clear lines of accountability for information security decisions. Apply segregation of duties to prevent conflicts of interest and ensure that oversight and execution functions remain independent.

Topics: CISO role, steering committee, segregation of duties, accountability


Examworthy is not affiliated with or endorsed by ISACA. Original, blueprint-aligned practice material only.