Isaca Certification Changed CISM Questions

Developing a business case to replace the system is the FIRST course of action that the information security manager should take, because it helps to justify the need for a new and effective email filtering system that can prevent or reduce phishing incidents. A business case should include the problem statement, the proposed solution, the costs and benefits, the risks and assumptions, and the expected outcomes and metrics.

References =

CISM Review Manual, 16th Edition, ISACA, 2020, p. 42: “A business case is a document that provides the rationale and justification for an information security investment. It should include the problem statement, the proposed solution, the costs and benefits, the risks and assumptions, and the expected outcomes and metrics.”

Email Filtering Explained: What Is It and How Does It Work: “Email filtering is a process used to sort emails and identify unwanted messages such as spam, malware, and phishing attempts. The goal is to ensure that they don’t reach the recipient’s primary inbox. It is an essential security measure that helps protect users from unwanted or malicious messages.”

Cloud-based email phishing attack using machine and deep learning …: “This attack is used to attack your email account and hack sensitive data easily.”

Verified Answer: According to the CISM Review Manual, 15th Edition, Chapter 3, Section 3.2.1.1, "Recommendations for enterprise investment in security technology should be primarily based on the organization’s risk tolerance."1

Comprehensive and Detailed Explanation: The organization’s risk tolerance is the degree of uncertainty that the organization is willing to accept in order to pursue its objectives. It reflects the organization’s appetite for risk and its ability to cope with potential losses or disruptions. The higher the risk tolerance, the more aggressive and innovative the security investments can be, as they can help achieve faster growth or competitive advantage. The lower the risk tolerance, the more conservative and defensive the security investments should be, as they can help protect the organization’s assets and reputation from potential threats.

References: 1: CISM Review Manual, 15th Edition, Chapter 3, Section 3.2.1.1

The best option to reduce the risk of unauthorized sharing of information during the due diligence process is B. Establishing mutual non-disclosure agreements (NDAs). This is because NDAs are legal contracts that bind the parties to keep confidential any information that is exchanged or disclosed during the due diligence process. NDAs can help to protect the sensitive data, intellectual property, trade secrets, or business strategies of both the organization and the third party from being leaked, stolen, or misused by unauthorized parties. NDAs can also specify the terms and conditions for the use, storage, and disposal of the information, as well as the consequences for breaching the agreement.

References = CISM Review Manual 15th Edition, Chapter 3, Section 3.2.1, page 1341; CISM Review Questions, Answers & Explanations Manual 9th Edition, Question 70, page 18