COBIT's accountability framework can enhance internal control by assigning responsibility and designating authority for various tasks related to information systems security. Which of the following groups is most suited to develop technical security controls?

Question

Quizplus · Accepted Answer

Information security management is the most suited group to develop technical security controls as they have the necessary technical expertise and are responsible for ensuring the security and protection of information systems. The board of directors and the audit committee are responsible for oversight and governance, while external auditors provide independent assurance over the effectiveness of the internal control system. However, they may not have the technical expertise required for developing technical security controls.

COBIT's Accountability Framework Can Enhance Internal Control by Assigning Responsibility