Online Access Free ISACA.CISM.v2021-10-30.q999 Practice Test (Page 196)

Which of the following is the BEST approach for determining the maturity level of an information security program?

A.Perform a self-assessment.

B.Evaluate key performance indicators (KPls).

C.Engage a third-party review.

D.Review internal audit results.

Which of the following is the MOST effective way to communicate information security risk to senior management?

A.Key performance indicators (KPIs)

B.Business impact analysis (BIA)

C.Balanced scorecard

D.Heat map

The decision to escalate an incident should be based PRIMARILY on:

A.organizational hierarchy.

B.prioritization by the information security manager.

C.predefined policies and procedures.

D.response team experience.

Data owners will determine what access and authorizations users will have by:

A.delegating authority to data custodian.

B.cloning existing user accounts.

C.determining hierarchical preferences.

D.mapping to business needs.

Quantitative risk analysis is MOST appropriate when assessment data:

A.include customer perceptions.

B.contain percentage estimates.

C.do not contain specific details.

D.contain subjective information.

Other Version: 1869ISACA.CISM.v2024-10-14.q528; 599ISACA.CISM.v2024-07-14.q167; 704ISACA.CISM.v2024-04-24.q336; 1245ISACA.CISM.v2023-09-14.q160; 1230ISACA.CISM.v2023-09-09.q151; 1219ISACA.CISM.v2023-08-22.q180; 985ISACA.CISM.v2023-07-28.q152; 1045ISACA.CISM.v2023-05-16.q111; 1081ISACA.CISM.v2023-05-10.q114; 1024ISACA.CISM.v2023-03-07.q88; 4376ISACA.CISM.v2022-09-16.q374; 8259ISACA.CISM.v2022-08-01.q522; 56ISACA.Ipassleader.CISM.v2022-06-09.by.josephine.1215q.pdf; 11771ISACA.CISM.v2022-04-15.q999

Latest Upload: 257ISACA.CGEIT.v2025-09-19.q537; 153Fortinet.FCP_FWF_AD-7.4.v2025-09-18.q62; 154Scrum.SAFe-Practitioner.v2025-09-18.q63; 146Workday.Workday-Prism-Analytics.v2025-09-17.q17; 131Oracle.1Z0-1055-24.v2025-09-17.q28; 129Oracle.1Z1-182.v2025-09-17.q32; 243Nutanix.NCP-US-6.5.v2025-09-16.q73; 264Oracle.1z0-071.v2025-09-16.q232; 203Oracle.1Z1-922.v2025-09-16.q125; 324CyberArk.PAM-CDE-RECERT.v2025-09-15.q100

Download PDF File