Free Access ISACA.CISM.v2022-03-24.q890 Practice Test (Page 129)

Question 636

Which of the following is the BEST way to ensure information security metrics are meaningful?

A.Aligning information security metrics with business drivers

B.Using a dashboard to present the information security metrics

C.Correlating information security metrics to industry best practices

D.Requiring information security metrics to be approved by senior management

Question 637

Which of the following is the MOST effective way to achieve the integration of information security governance into corporate governance?

A.Ensure information security efforts support business goals

B.Align information security budget requests to organizational goals.

C.Ensure information security aligns with IT strategy.

D.Provide periodic IT balanced scorecards to senior management.

Question 638

The MOST effective use of a risk register is to:

A.identify risks and assign roles and responsibilities for mitigation.

B.identify threats and probabilities.

C.facilitate a thorough review of all IT-related risks on a periodic basis.

D.record the annualized financial amount of expected losses due to risks.

Question 639

A third-party service provider is developing a mobile app for an organization's customers. Which of the following issues should be of GREATEST concern to the information security management.

A.The contract has no requirement for secure development practices

B.SLAs after deployment are not clearly defined.

C.The mobile app s programmers are all offshore contractors.

D.Software escrow is not addressed in the contract

Question 640

Which of the following is the BEST way to prevent recurrence of a security incident?

A.Review and update security policy on a regular basis

B.Management support and approval of the incident response plan

C.An appropriate investigation into the root cause with corrective measures applied

D.An expanded and more effective monitoring and detection process for incidents

Other Version: 8722ISACA.CISM.v2025-02-21.q785; 1775ISACA.CISM.v2024-12-21.q371; 14204ISACA.CISM.v2022-06-26.q752; 83ISACA.Prepawayete.CISM.v2021-09-22.by.maxine.303q.pdf

Latest Upload: 277PaloAltoNetworks.NGFW-Engineer.v2026-05-01.q43; 385Nokia.4A0-113.v2026-05-01.q69; 421EC-COUNCIL.312-49v11.v2026-04-30.q214; 338Microsoft.MB-820.v2026-04-30.q101; 262Salesforce.MC-202.v2026-04-30.q57; 306BICSI.INSTC_V8.v2026-04-29.q53; 432NMLS.MLO.v2026-04-28.q82; 291NCARB.Project-Management.v2026-04-28.q27; 521EMC.D-AV-DY-23.v2026-04-27.q184; 1357ServiceNow.CSA.v2026-04-27.q483

Question 636

Question 637

Question 638

Question 639

Question 640

Download PDF File