Achieving Alignment Between Information Security and Organizational Objectives

The Importance of Alignment in Information Security and Organizational Objectives

Prev Question Next Question

Question

Which of the following would be MOST helpful to achieve alignment between information security and organization objectives?

Answers

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D.

C.

A security program enabling business activities would be most helpful to achieve alignment between information security and organization objectives.

All of the other choices are part of the security program and would not individually and directly help as much as the security program.

The MOST helpful option to achieve alignment between information security and organization objectives would be option C: a security program that enables business activities.

Explanation: Information security is a vital part of an organization's overall strategy, and it should support the organization's objectives. Therefore, it is essential to ensure that the information security program is aligned with the organization's objectives.

Option A: Key control monitoring, and option D: An effective security architecture are both important components of an information security program, but they alone may not necessarily align the information security program with the organization's objectives.

Option B: A robust security awareness program is also crucial to ensure that employees are aware of the security risks and best practices. However, a security awareness program alone may not be sufficient to achieve alignment between information security and organization objectives.

Option C: A security program that enables business activities is the most helpful option to achieve alignment between information security and organization objectives. Such a program would ensure that security measures are integrated into business activities and enable the organization to meet its objectives while maintaining an acceptable level of security. This approach would make security an enabler of business operations rather than an obstacle. By doing so, it would facilitate a culture where security is not an afterthought but an integral part of business activities.

Therefore, option C is the best choice among the given options to achieve alignment between information security and organization objectives.