Free Access ISACA.CISM.v2025-02-21.q785 Practice Test (Page 110)

Question 541

Which of the following is the MOST important consideration when determining the approach for gaining organization-wide acceptance of an information security plan?

A.Organizational culture

B.Organizational information security awareness

C.Information security roles and responsibilities

D.Mature security policy

Question 542

Which of the following is the BEST way for an organization to determine the maturity level of its information security program?

A.Validate the effectiveness of implemented security controls.

B.Review the results of information security awareness testing.

C.Benchmark the information security policy against industry standards.

D.Track the trending of information security incidents.

Question 543

What is the MOST important item to be included in an information security policy?

A.The definition of roles and responsibilities

B.The scope of the security program

C.The key objectives of the security program

D.Reference to procedures and standards of the security program

Question 544

An organization uses a security standard that has undergone a major revision by the certifying authority. The old version of the standard will no longer be used for organizations wishing to maintain their certifications.
Which of the following should be the FIRST
course of action?

A.Evaluate the cost of maintaining the certification.

B.Review the new standard for applicability to the business.

C.Modify policies to ensure new requirements are covered.

D.Communicate the new standard to senior leadership.

Question 545

To minimize security exposure introduced by changes to the IT environment, which of the following is MOST important to implement as part of change management?

A.Performing a business impact analysis (B1A) prior to implementation

B.Conducting a security risk assessment prior to go-live

C.Performing post-change reviews before closing change tickets

D.Requiring approval by senior management

Other Version: 659ISACA.CISM.v2024-12-21.q371; 12793ISACA.CISM.v2022-06-26.q752; 15542ISACA.CISM.v2022-03-24.q890; 79ISACA.Prepawayete.CISM.v2021-09-22.by.maxine.303q.pdf

Latest Upload: 106Oracle.1z0-1196-25.v2025-09-12.q18; 104NetworkAppliance.NS0-162.v2025-09-12.q86; 144OCEG.GRCP.v2025-09-11.q211; 106HP.HPE0-V27.v2025-09-11.q78; 122Oracle.1Z0-1057-23.v2025-09-10.q47; 157Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 136SAP.C-S4EWM-2023.v2025-09-08.q83; 180TheSecOpsGroup.CNSP.v2025-09-08.q20; 259CFAInstitute.ESG-Investing.v2025-09-08.q173; 244PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132

Question 541

Question 542

Question 543

Question 544

Question 545

Download PDF File