Palo Alto Networks

ISACA CISM Exam Questions
Certified Information Security Manager (Page 166 )

Updated On: 9-Apr-2026

Viewing Page 69 of 345 pages.

Download PDF version with 1716 Questions

QUESTION: 336 Exam Topic: INFORMATION RISK MANAGEMENT

Which of the following is the BEST course of action for the information security manager when residual risk is above the acceptable level of risk?

Perform a cost-benefit analysis
Recommend additional controls
Carry out a risk assessment
Defer to business management

Answer(s): B

Show Answer Next Question

QUESTION: 337 Exam Topic: INFORMATION RISK MANAGEMENT

Which of the following is the BEST reason to initiate a reassessment of current risk?

Follow-up to an audit report
A recent security incident
Certification requirements
Changes to security personnel

Answer(s): B

Show Answer Next Question

QUESTION: 338 Exam Topic: INFORMATION RISK MANAGEMENT

Before final acceptance of residual risk, what is the BEST way for an information security manager to address risk factors determined to be lower than acceptable risk levels?

Evaluate whether an excessive level of control is being applied.
Ask senior management to increase the acceptable risk levels.
Implement more stringent countermeasures.
Ask senior management to lower the acceptable risk levels.

Answer(s): A

Show Answer Next Question

QUESTION: 339 Exam Topic: INFORMATION RISK MANAGEMENT

When selecting risk response options to manage risk, an information security manager’s MAIN focus should be on reducing:

exposure to meet risk tolerance levels.
the likelihood of threat.
financial loss by transferring risk.
the number of security vulnerabilities.

Answer(s): A

Show Answer Next Question

QUESTION: 340 Exam Topic: INFORMATION RISK MANAGEMENT

Which of the following should an information security manager perform FIRST when an organization’s residual risk has increased?

Implement security measures to reduce the risk.
Communicate the information to senior management.
Transfer the risk to third parties.
Assess the business impact.

Answer(s): D

Show Answer Next Question

160
…
164
165
166
167
168
…
170
180

Viewing page 166 of 345
Viewing questions 826 - 830 out of 1716 questions

Post your Comments and Discuss ISACA CISM exam dumps with other Community members:

Comments:

Name:

CISM Exam Discussions & Posts

Anonymous User Commented on April 12, 2026
Question 153:

Correct answer: Perform a gap analysis to determine needed resources.

Why this is the FIRST action:

The organization already has non-compliance findings from internal audit. You need to understand exactly what is missing to meet regulatory requirements.

A gap analysis identifies the differences between the current controls/processes and the regulatory requirements, and it specifies the resources (people, processes, technologies, budget) needed to close those gaps.

Once gaps and resource needs are known, you can prioritize remediation and then perform a proper risk assessment to determine impact on business operations.

Other options are less appropriate as first steps:

- Create a security exception would bypass remediation and not address regulatory gaps. - Perform a vulnerability assessment targets weaknesses but not regulatory gaps or resource needs. - Assess the risk to business operations is important, but you need the gap/resource context first to accurately assess and prioritize risk.
Key concept: In governance, start with a gap analysis to map current state to regulatory requirements, enabling a actionable remediation plan and informed risk prioritization.
Ahmedabad, India

B Commented on November 23, 2025
QUESTION: 332 - Answer should be Unregistered IT assets may not be included in security documentation
CANADA

B Commented on November 23, 2025
Q237 - answer should be - Align the policies to the most stringent global regulations Q239 - Answer should be - A. Create an inventory of systems where personal data is stored. Q240 - Answers should be - Data classification policy
CANADA

B Commented on November 23, 2025
Q235 - Anser should be local laws and regulations
CANADA

B Commented on November 23, 2025
Q232 - answer should be - Significant incidents are escalated to executive management
CANADA

B Commented on November 23, 2025
QUESTION: 224 - Answer should be A
CANADA

B Commented on November 23, 2025
correct option is - has a clearly defined charter and meeting protocols
CANADA

Chan Commented on August 08, 2025
Q725. Which of the following defines the minimum security requirements that a specific system must meet? Security policy or Security baseline
Anonymous

Terry Tan Commented on July 14, 2025
A great effort to doc all these questions and answers.
Anonymous

Faz Commented on June 10, 2025
Question 67, shouldnt the answer be legal and regulaory?
Anonymous

fazeel Commented on June 10, 2025
excellent exam dump.Keep up the good work team.
Anonymous

CryptoPhantom Commented on March 18, 2025
Very advanced exam. Too many complex questions. Not easy to pass without knowing the questions.
Malaysia

Anonymous Commented on March 04, 2025
Someone left a comment stating that this guide is not free. I'd say using this digital format, not the PDF document, is free. I'd also add, with all due respect, that no one should expect to receive a freebie exam dumps in the mail without a price, and that is because such documents do cost the producers some money.
UNITED STATES

Anonymous Commented on March 03, 2025
Impressive, satisfactory, and comprehensive material that lives up to pars and a little more. Thanks for producing it and making it available to us.
UNITED STATES

Anonymous Commented on March 03, 2025
This material is a comprehensive, excellent exam dumps rather than just a exam dumps pdf of prior exams.
UNITED STATES

Anonymous Commented on March 03, 2025
This is a thorough, explanatory, simple, yet detailed set of questions covering CISM's entire spectrum. Thanks for all the efforts.
UNITED STATES

Narendra Modi Commented on March 02, 2025
Good set of questions and useful
Anonymous

Charles Commented on February 25, 2025
nice..but doesnt look free!
EUROPEAN UNION

Hekka Commented on February 15, 2025
Good set of questions
Anonymous

Suchi Poddar Commented on February 10, 2025
Good set and nice to see that so much help for the students. Thankyou so much.
Anonymous

Anonymous Commented on February 02, 2025
Good set or practice
Anonymous

Anonymous Commented on January 29, 2025
Good questions for revision
UNITED STATES

Dev Commented on January 13, 2025
Appreciate it very much
Anonymous

David Commented on January 08, 2025
Good challenge for preparation and readyness
CANADA

David Benson Commented on December 30, 2024
the information has broaden my knowledge in cism
Anonymous

David Benson Commented on December 29, 2024
informative and educative
Anonymous

Rajesh Kumar Commented on December 03, 2024
Very useful and informative. Answer justification is given properly.
INDIA

Raj D Commented on December 01, 2024
Helpful study guide
UNITED STATES

Martin Commented on November 27, 2024
The CISM practice questions PDF is a game-changer. It’s well-structured, easy to understand, and perfect for those new to the certification journey. Highly recommended!
UNITED STATES

Patience Fuzane Commented on December 18, 2023
I love using all brain dumps. It is a very good certification resource
Anonymous

MD Commented on July 31, 2022
The study material is good to refresh/ summarize what you’ve read in textbooks.
UNITED STATES

LifeLongLearner Commented on March 24, 2020
Very useful information
SINGAPORE

JC Commented on January 22, 2020
I am not sure how often are the questions updated.
UNITED STATES

JJ Commented on January 05, 2020
I purchased Our CISM study guides/materials on 9/26/19. Is there any update since then? Is there any exam changes and a new version comes out? How would I be notified? thanks,
UNITED STATES

billy Commented on November 07, 2019
i am excited to have a system to help me achieve my goal
UNITED STATES

jc Commented on October 15, 2019
CISM test engine does not work. It required JRM/JRE. I installed it and it still does not work. can someone help?
UNITED STATES

AI Tutor

AI Tutor 👋 I’m here to help!