Free CISM Exam Braindumps (page: 37)


Which of the following is the BEST way to determine if an information security program aligns with corporate governance?

  A. Evaluate funding for security initiatives
  B. Survey end users about corporate governance
  C. Review information security policies
  D. Review the balanced scorecard

Answer(s): C

Explanation:

One of the most important aspects of the action plan to execute the strategy is to create or modify, as needed, policies and standards. Policies are one of the primary elements of governance and each policy should state only one general security mandate. The road map should show the steps and the sequence, dependencies, and milestones.



Security governance is MOST associated with which of the following IT infrastructure components?

  A. Network
  B. Application
  C. Platform
  D. Process

Answer(s): D



Which of the following is the PRIMARY advantage of having an established information security governance framework in place when an organization is adopting emerging technologies?

  A. An emerging technologies strategy is in place
  B. An effective security risk management process is established
  C. End user acceptance of emerging technologies is established
  D. A cost-benefit analysis process is easier to perform

Answer(s): B



Which of the following is the MOST appropriate board-level activity for information security governance?

  A. Establish security and continuity ownership
  B. Develop “what-if” scenarios on incidents
  C. Establish measures for security baselines
  D. Include security in job-performance appraisals

Answer(s): A





