CISM Certified Information Security Manager

Question 4

Which of the following BEST enables an organization to transform its culture to support information security?

  • Periodic compliance audits

  • Strong management support

  • Robust technical security controls

  • Incentives for security incident reporting

Question 5

Which of the following BEST facilitates effective incident response testing?

  • Including all business units in testing

  • Simulating realistic test scenarios

  • Reviewing test results quarterly

  • Testing after major business changes

Question 6

The MOST appropriate time to conduct a disaster recovery test would be after:

  • major business processes have been redesigned.

  • the business continuity plan (BCP) has been updated.

  • the security risk profile has been reviewed.

  • noncompliance incidents have been filed.