CISM Certified Information Security Manager

Showing 10–12 of 15 questions

Question 10

Which of the following BEST enables the integration of information security governance into corporate governance?

  • Well-documented information security policies and standards

  • An information security steering committee with business representation

  • Clear lines of authority across the organization

  • Senior management approval of the information security strategy

Question 11

Which of the following is MOST important to consider when aligning a security awareness program with the organization's business strategy?

  • Regulations and standards

  • People and culture

  • Executive and board directives

  • Processes and technology

Question 12

An organization plans to utilize Software as a Service (SaaS) and is in the process of selecting a vendor. What should the information security manager do FIRST to support this initiative?

  • Review independent security assessment reports for each vendor.

  • Benchmark each vendor's services with industry best practices.

  • Analyze the risks and propose mitigating controls.

  • Define information security requirements and processes.