As a CISO in a large healthcare organization, you must update the security policy. What stakeholder should have the final approval before organization-wide rollout?
A. The IT operations manager
B. The legal counsel
C. The executive leadership team
D. The compliance officer
Answer: C. The executive leadership team
Senior management buy-in is essential for policy enforcement and organizational alignment. Without it, the policy lacks authority.