CISM Certified Information Security Manager

Question 7

Which of the following should be the PRIMARY objective of an information security governance framework?

  • Provide a baseline for optimizing the security profile of the organization.

  • Demonstrate senior management commitment.

  • Demonstrate compliance with industry best practices to external stakeholders.

  • Ensure that users comply with the organization's information security policies.

Question 8

Which of the following should be the FIRST step to gain approval for outsourcing to address a security gap?

  • Collect additional metrics.

  • Perform a cost-benefit analysis.

  • Submit funding request to senior management.

  • Begin due diligence on the outsourcing company.

Question 9

Which of the following BEST determines the allocation of resources during a security incident response?

  • Senior management commitment

  • A business continuity plan (BCP)

  • An established escalation process

  • Defined levels of severity