Free Access ISACA.CISM.v2025-02-21.q785 Practice Test (Page 132)

Question 651

Senior management has just accepted the risk of noncompliance with a new regulation. What should the information security manager do NEXT?

A.Reassess the organization's risk tolerance.

B.Update details within the risk register

C.Assess the impact of the regulation.

D.Report the decision to the compliance officer.

Question 652

Senior management has endorsed a comprehensive information security policy. Which of the following should the organization do NEXT?

A.Promote awareness of the policy among employees.

B.Seek policy buy-in from business stakeholders.

C.Implement an authentication and authorization system.

D.Identify relevant information security frameworks for adoption.

Question 653

An information security manager at a global organization has to ensure that the local information security program will initially ensure compliance with the:

A.corporate data privacy policy.

B.data privacy policy where data are collected.

C.data privacy policy of the headquarters' country.

D.data privacy directive applicable globally.

Question 654

Which of the following is the BEST way to obtain organization-wide support for an information security program?

A.Mandate regular security awareness training.

B.Develop security performance metrics.

C.Position security as a business enabler.

D.Prioritize security initiatives based on IT strategy.

Question 655

An organization with a strict need-to-know information access policy is about to launch a knowledge management intranet.
Which of the following is the MOST important activity to ensure compliance with existing security policies?

A.Develop a control procedure to check content before it is published.

B.Change organization policy to allow wider use of the new web site.

C.Ensure that access to the web site is limited to senior managers and the board.

D.Password-protect documents that contain confidential information.

Other Version: 620ISACA.CISM.v2024-12-21.q371; 12756ISACA.CISM.v2022-06-26.q752; 15503ISACA.CISM.v2022-03-24.q890; 79ISACA.Prepawayete.CISM.v2021-09-22.by.maxine.303q.pdf

Latest Upload: 105OCEG.GRCP.v2025-09-11.q211; 105HP.HPE0-V27.v2025-09-11.q78; 119Oracle.1Z0-1057-23.v2025-09-10.q47; 153Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 135SAP.C-S4EWM-2023.v2025-09-08.q83; 168TheSecOpsGroup.CNSP.v2025-09-08.q20; 235CFAInstitute.ESG-Investing.v2025-09-08.q173; 216PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 154Salesforce.Data-Architect.v2025-09-05.q216; 148Adobe.AD0-E605.v2025-09-05.q50

Question 651

Question 652

Question 653

Question 654

Question 655

Download PDF File