Free Access ISACA.CISM.v2022-03-24.q890 Practice Test (Page 126)

Question 621

An information security manager has developed a strategy to address new information security risks resulting from recent change the business. Which of the following would be MOST important to include when presenting the strategy to senior management?

A.The impact of organizational changes on the security risk profile

B.Security controls needed for risk mitigation

C.Results of benchmarking against industry peers

D.The costs associated with business process changes

Question 622

Which of the following is the BEST indication that information security is integrated into corporate governance?

A.New vulnerably are reported directly to the security manager.

B.Security policy documents are reviewed periodically.

C.Administrative staff is trained on current information security topics.

D.Significant incidents are escalated to executive management.

Question 623

Detailed business continuity plans should be based PRIMARILY on:

A.consideration of different alternatives.

B.the solution that is least expensive.

C.strategies that cover all applications.

D.strategies validated by senior management.

Question 624

Which of the following is the MOST reliable source of information about emerging information security threats and vulnerabilities?

A.Industry bloggers

B.Vulnerability scanning alerts

C.Threat intelligence groups

D.A social media group of hackers

Question 625

An organization's information security processes are currently defined as ad hoc. In seeking to improve their performance level, the next step for the organization should be to:

A.ensure that security processes are consistent across the organization.

B.enforce baseline security levels across the organization.

C.ensure that security processes are fully documented.

D.implement monitoring of key performance indicators for security processes.

Other Version: 1102ISACA.CISM.v2025-02-21.q785; 659ISACA.CISM.v2024-12-21.q371; 12797ISACA.CISM.v2022-06-26.q752; 79ISACA.Prepawayete.CISM.v2021-09-22.by.maxine.303q.pdf

Latest Upload: 107Oracle.1z0-1196-25.v2025-09-12.q18; 106NetworkAppliance.NS0-162.v2025-09-12.q86; 145OCEG.GRCP.v2025-09-11.q211; 107HP.HPE0-V27.v2025-09-11.q78; 123Oracle.1Z0-1057-23.v2025-09-10.q47; 157Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 137SAP.C-S4EWM-2023.v2025-09-08.q83; 181TheSecOpsGroup.CNSP.v2025-09-08.q20; 261CFAInstitute.ESG-Investing.v2025-09-08.q173; 248PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132

Question 621

Question 622

Question 623

Question 624

Question 625

Download PDF File