Question 85
Main Page
An executive questions why the CISO does not own organizational risk. What is the correct response?
A. Risk is too complex for CISOs
B. CISOs only work with hardware
C. Risk ownership lies with business asset/process owners
D. Legal teams own all organizational risk