Decentralized Information Security Management

C.

Decentralization of information security management generally results in better alignment to business unit needs.

It is generally more expensive to administer due to the lack of economies of scale.

Uniformity in quality of service tends to vary from unit to unit.

Decentralized information security management refers to a model in which each business unit or geographic location in an organization has its own information security management team responsible for the security of the data and systems in that particular location. Each team operates independently, with little central coordination or control.

The characteristic of decentralized information security management across a geographically dispersed organization can vary. The following options are possible:

A. More uniformity in quality of service: This option is unlikely to be true because decentralization can lead to inconsistent security measures and policies across different locations, resulting in varying levels of quality in information security services.

B. Better adherence to policies: This option is possible because decentralized teams are closer to the business units they serve, which can help them understand the specific security needs of that unit and create policies that are more closely aligned to those needs. However, there is also a risk that individual teams may create policies that are not consistent with the overall organization's policies.

C. Better alignment to business unit needs: This option is likely to be true because decentralized teams can have a better understanding of the specific security needs of each business unit or location. This can help them tailor their security measures to the needs of the business, resulting in better alignment with business objectives.

D. More savings in total operating costs: This option is unlikely to be true because decentralized information security management can result in duplication of effort and resources. Each team may need to acquire its own security tools, hire its own staff, and develop its own security procedures, resulting in higher operating costs overall.

In summary, the best answer to this question is likely to be C: Better alignment to business unit needs. While decentralized information security management can have drawbacks, it can also provide advantages such as tailoring security measures to the specific needs of each business unit.