New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

ISC2 ISSEP Exam - Topic 1 Question 73 Discussion

Actual exam question for ISC2's ISSEP exam
Question #: 73
Topic #: 1
[All ISSEP Questions]

Which of the following individuals are part of the senior management and are responsible for authorization of individual systems, approving enterprise solutions, establishing security policies, providing funds, and maintaining an understanding of risks at all levels? Each correct answer represents a complete solution. Choose all that apply.

Show Suggested Answer Hide Answer
Suggested Answer: A, B, C, E

Authorizing Official, AO Designated Representative (AODR), Chief Information Officer (CIO), and

Senior Information Security Officer (SISO) are part of the senior management. These individuals are

responsible for the following:

Authorization of individual systems

Approving enterprise solutions

Establishing security policies

Providing funds

Maintaining an understanding of risk at all levels

Answer option D is incorrect. A User Representative is not a part of the senior management in the

Authorization process.


by Becky at Sep 02, 2023, 10:39 PM

Limited Time Offer

25%

Off

Get Premium ISSEP Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Omer
3 months ago
Really? I thought User Representatives had more say.
upvoted 0 times
...
Tanesha
3 months ago
Totally agree with A and E, they have the authority.
upvoted 0 times
...
Josefa
4 months ago
Wait, are we sure about B? Seems off.
upvoted 0 times
...
Delfina
4 months ago
I think C should be included too.
upvoted 0 times
...
Elenore
4 months ago
Definitely A and E for sure!
upvoted 0 times
...
Helaine
4 months ago
I feel like the Senior Information Security Officer might be involved, but I can't recall if they have the same level of authority as the CIO.
upvoted 0 times
...
Pearlie
4 months ago
The Authorizing Official seems like a key player here too, right? They usually have the final say on system authorizations.
upvoted 0 times
...
Aliza
5 months ago
I'm not so sure about the AO Designated Representative. I remember it being mentioned in a practice question, but I'm unclear on their exact role.
upvoted 0 times
...
Wendell
5 months ago
I think the Chief Information Officer definitely fits since they oversee IT strategy and security policies.
upvoted 0 times
...
Jeffrey
5 months ago
Whew, this is a tough one. I'm a bit confused about the differences between some of these roles. I'll need to review my notes and really think through the responsibilities of each position to make sure I get this right.
upvoted 0 times
...
Daniel
5 months ago
This seems straightforward enough. The Chief Information Officer, Senior Information Security Officer, and Authorizing Official are clearly the senior management roles responsible for the listed duties. I'll double-check my work, but I'm feeling good about this one.
upvoted 0 times
...
Anissa
5 months ago
Okay, let's see. The question is asking about who is part of senior management and has certain security-related responsibilities. I think the Chief Information Officer and Authorizing Official are obvious choices, but I'm a bit unsure about the other options.
upvoted 0 times
...
France
5 months ago
Hmm, this is a tricky one. I'm not entirely sure about all the roles and responsibilities here. I'll need to carefully read through the options and think it through step-by-step.
upvoted 0 times
...
Jerry
5 months ago
This looks like a classic senior management question. I'm pretty confident I can handle this one - the key is to identify the individuals responsible for the listed responsibilities.
upvoted 0 times
...
Jarod
5 months ago
This question is asking about the appropriate level of skepticism for fraud examiners. I'll need to carefully consider the nuances of each answer choice.
upvoted 0 times
...
Glennis
5 months ago
Hmm, I'm not too sure about this one. I'll have to think it through carefully.
upvoted 0 times
...
Providencia
5 months ago
I'm not completely confident, but isn't a service registry just a way to manage service instances? That makes me think it's true.
upvoted 0 times
...

Save Cancel