Free CISM Exam Questions | CISM dumps PDF free (Page 36 )

QUESTION: 171 Exam Topic: INFORMATION SECURITY GOVERNANCE

Which of the following is the MOST important requirement for the successful implementation of security governance?

Implementing a security balanced scorecard
Performing an enterprise-wide risk assessment
Mapping to organizational strategies
Aligning to an international security framework

Answer(s): C

QUESTION: 172 Exam Topic: INFORMATION SECURITY GOVERNANCE

A large organization is in the process of developing its information security program that involves working with several complex organizational functions. Which of the following will BEST enable the successful implementation of this program?

Security governance
Security policy
Security metrics
Security guidelines

Answer(s): A

Show Answer Next Question

QUESTION: 173 Exam Topic: INFORMATION SECURITY GOVERNANCE

Which of the following is a PRIMARY responsibility of an information security governance committee?

Analyzing information security policy compliance reviews
Approving the purchase of information security technologies
Reviewing the information security strategy
Approving the information security awareness training strategy

Answer(s): C

Show Answer Next Question

QUESTION: 174 Exam Topic: INFORMATION SECURITY GOVERNANCE

An information security manager discovers that the organization’s new information security policy is not being followed across all departments. Which of the following should be of GREATEST concern to the information security manager?

Different communication methods may be required for each business unit.
Business unit management has not emphasized the importance of the new policy.
The corresponding controls are viewed as prohibitive to business operations.
The wording of the policy is not tailored to the audience.

Answer(s): C

Show Answer Next Question

QUESTION: 175 Exam Topic: INFORMATION SECURITY GOVERNANCE

An organization has detected potential risk emerging from noncompliance with new regulations in its industry. Which of the following is the MOST important reason to report this situation to senior management?

The risk profile needs to be updated.
An external review of the risk needs to be conducted.
Specific monitoring controls need to be implemented.
A benchmark analysis needs to be performed.

Answer(s): A

Show Answer Next Question

ISACA CISM Exam Questions
Certified Information Security Manager (Page 36 )

QUESTION: 171 Exam Topic: INFORMATION SECURITY GOVERNANCE

QUESTION: 172 Exam Topic: INFORMATION SECURITY GOVERNANCE

QUESTION: 173 Exam Topic: INFORMATION SECURITY GOVERNANCE

QUESTION: 174 Exam Topic: INFORMATION SECURITY GOVERNANCE

QUESTION: 175 Exam Topic: INFORMATION SECURITY GOVERNANCE

Join the CISM Discussion

ISACA CISM Exam Questions Certified Information Security Manager (Page 36 )

QUESTION: 171 Exam Topic: INFORMATION SECURITY GOVERNANCE

QUESTION: 172 Exam Topic: INFORMATION SECURITY GOVERNANCE

QUESTION: 173 Exam Topic: INFORMATION SECURITY GOVERNANCE

QUESTION: 174 Exam Topic: INFORMATION SECURITY GOVERNANCE

QUESTION: 175 Exam Topic: INFORMATION SECURITY GOVERNANCE

Join the CISM Discussion

ISACA CISM Exam Questions
Certified Information Security Manager (Page 36 )