Free CISM Exam Braindumps (page: 40)

Internal audit has reported a number of information security issues which are not in compliance with regulatory requirements. What should the information security manager do FIRST?

  A. Create a security exception
  B. Perform a vulnerability assessment
  C. Perform a gap analysis to determine needed resources
  D. Assess the risk to business operations

Answer(s): C



Which of the following is the MOST important reason for an organization to develop an information security governance program?

  A. Establishment of accountability
  B. Compliance with audit requirements
  C. Monitoring of security incidents
  D. Creation of tactical solutions

Answer(s): B



The PRIMARY purpose of aligning information security with corporate governance objectives is to:

  A. build capabilities to improve security processes.
  B. consistently manage significant areas of risk.
  C. identify an organization’s tolerance for risk.
  D. re-align roles and responsibilities.

Answer(s): A



Which of the following is the MOST important consideration for designing an effective information security governance framework?

  A. Defined security metrics
  B. Continuous audit cycle
  C. Security policy provisions
  D. Security controls automation

Answer(s): A


