Free Access ISACA.CISM.v2022-03-24.q890 Practice Test (Page 146)

The BEST way to encourage good security practices is to:

A.schedule periodic compliance audits.

B.recognize appropriate security behavior by individuals.

C.discipline those who fail to comply with the security policy.

D.publish the information security policy.

Which of the following would BEST enable effective decision-making?

A.A consistent process to analyze new and historical information risk

B.Annualized loss estimates determined from past security events

C.Formalized acceptance of risk analysis by business management

D.A universally applied list of generic threats, impacts, and vulnerabilities

Who can BEST approve plans to implement an information security governance framework?

A.Internal auditor

B.Information security management

C.Steering committee

D.Infrastructure management

A security awareness program should:

A.present top management's perspective.

B.address details on specific exploits.

C.address specific groups and roles.

D.promote security department procedures.

Who should decide the extent to which an organization will comply with new cybersecurity regulatory requirements?

A.Senior management

B.IT steering committee

C.Legal counsel

D.Information security manager

Other Version: 8721ISACA.CISM.v2025-02-21.q785; 1774ISACA.CISM.v2024-12-21.q371; 14203ISACA.CISM.v2022-06-26.q752; 83ISACA.Prepawayete.CISM.v2021-09-22.by.maxine.303q.pdf

Latest Upload: 276PaloAltoNetworks.NGFW-Engineer.v2026-05-01.q43; 382Nokia.4A0-113.v2026-05-01.q69; 416EC-COUNCIL.312-49v11.v2026-04-30.q214; 336Microsoft.MB-820.v2026-04-30.q101; 261Salesforce.MC-202.v2026-04-30.q57; 303BICSI.INSTC_V8.v2026-04-29.q53; 429NMLS.MLO.v2026-04-28.q82; 291NCARB.Project-Management.v2026-04-28.q27; 517EMC.D-AV-DY-23.v2026-04-27.q184; 1352ServiceNow.CSA.v2026-04-27.q483

Download PDF File