CISM Isaca Exam Lab Questions

Page: 26 / 59
Total 793 questions

Certified Information Security Manager Questions and Answers

Question 101

A project team member notifies the information security manager of a potential security risk that has not been included in the risk register. Which of the following should the information security manager do FIRST?

Options:

A. Implement compensating controls.
B. Analyze the identified risk.
C. Prepare a risk mitigation plan.
D. Add the risk to the risk register.

Question 102

To effectively manage an organization's information security risk, it is MOST important to:

Options:

A. assign risk management responsibility to an experienced consultant.
B. periodically identify and correct new systems vulnerabilities.
C. establish and communicate risk tolerance.
D. benchmark risk scenarios against peer organizations.

Question 103

Of the following, who is BEST positioned to be accountable for risk acceptance decisions based on risk appetite?

Options:

A. Information security manager
B. Chief risk officer (CRO)
C. Information security steering committee
D. Risk owner

Question 104

Which of the following is necessary to ensure consistent protection for an organization's information assets?

Options:

A. Classification model
B. Control assessment
C. Data ownership
D. Regulatory requirements