CISM questions • Exam prepare

Exam contains 1248 questions

Page 15 of 208

Question 85 🔥

Senior management has just accepted the risk of noncompliance with a new regulation. What should the information security manager do NEXT?

Which database solution meets these requirements?

A. Report the decision to the compliance officer.

B. Reassess the organization's risk tolerance.

C. Update details within the risk register.

Highly voted

D. Assess the impact of the regulation.

Discussion of the question

Question 86 🔥

Which of the following BEST provides an information security manager with sufficient assurance that a service provider complies with the organization's information security requirements?

Which database solution meets these requirements?

A. A live demonstration of the third-party supplier's security capabilities

B. The ability to audit the third-party supplier's IT systems and processes

Highly voted

C. Third-party security control self-assessment results

D. An independent review report indicating compliance with industry standards

Discussion of the question

Question 87 🔥

Which of the following is the MOST essential element of an information security program?

Which database solution meets these requirements?

A. Prioritizing program deliverables based on available resources

B. Benchmarking the program with global standards for relevance

C. Involving functional managers in program development

Highly voted

D. Applying project management practices used by the business

Discussion of the question

Question 88 🔥

Which of the following is BEST to include in a business case when the return on investment (ROI) for an information security initiative is difficult to calculate?

Which database solution meets these requirements?

A. Projected increase in maturity level

B. Estimated increase in efficiency

C. Projected costs over time

D. Estimated reduction in risk

Highly voted

Discussion of the question

Question 89 🔥

If the inherent risk of a business activity is higher than the acceptable risk level, the information security manager should FIRST:

Which database solution meets these requirements?

A. transfer risk to a third party to avoid cost of impact.

B. recommend that management avoid the business activity.

C. assess the gap between current and acceptable level of risk.

Highly voted

D. implement controls to mitigate the risk to an acceptable level.

Discussion of the question

Question 90 🔥

An information security risk analysis BEST assists an organization in ensuring that:

Which database solution meets these requirements?

A. the infrastructure has the appropriate level of access control.

B. cost-effective decisions are made with regard to which assets need protection

Highly voted

C. an appropriate level of funding is applied to security processes.

D. the organization implements appropriate security technologies

Discussion of the question

Ready to Pass Your Certification Test

isaca CISM

Exam contains 1248 questions

Lorem ipsum dolor sit amet consectetur. Eget sed turpis aenean sit aenean. Integer at nam ullamcorper a.

Company

Product

Resources

Follow us