Online Access Free ISACA.CISM.v2022-08-01.q522 Practice Test (Page 24)

CISM Exam Question 111

A legacy application does not comply with new regulatory requirements to encrypt sensitive data at rest, and remediating this issue would require significant investment. What should the information security manager do FIRST?

A.Present the noncompliance risk to senior management.

B.Assess the business impact to the organization.

C.Investigate alternative options to remediate the noncompliance.

D.Determine the cost to remediate the noncompliance.

CISM Exam Question 112

A CEO requests access to corporate documents from a mobile device that does not comply with organizational policy. The information security manager should FIRST:

A.evaluate a third-party solution.

B.initiate an exception approval process.

C.evaluate the business risk.

D.deploy additional security controls.

CISM Exam Question 113

Risk reporting requirements should be PRIMARILY based on:

A.policies approved by information security.

B.events defined by information security.

C.the criticality of assets.

D.criteria approved by management,

CISM Exam Question 114

To gain a clear+ understanding of the impact that a new regulatory requirement will have on an organization s information security controls, an information security manager should FIRST:

A.perform a gap analysis.

B.conduct a risk assessment

C.interview senior management

D.conduct a cost-benefit analysis.

CISM Exam Question 115

Which of the following is MOST useful to include in a report to senior management on a regular basis to demonstrate the effectiveness of the information security program?

A.Key risk indicators (KRIs)

B.Critical success factors (CSFs)

C.Capability maturity models

D.Key performance indicators (KPls)

Other Version: 1888ISACA.CISM.v2024-10-14.q528; 606ISACA.CISM.v2024-07-14.q167; 717ISACA.CISM.v2024-04-24.q336; 1262ISACA.CISM.v2023-09-14.q160; 1233ISACA.CISM.v2023-09-09.q151; 1228ISACA.CISM.v2023-08-22.q180; 1006ISACA.CISM.v2023-07-28.q152; 1045ISACA.CISM.v2023-05-16.q111; 1081ISACA.CISM.v2023-05-10.q114; 1025ISACA.CISM.v2023-03-07.q88; 4388ISACA.CISM.v2022-09-16.q374; 56ISACA.Ipassleader.CISM.v2022-06-09.by.josephine.1215q.pdf; 11782ISACA.CISM.v2022-04-15.q999; 14835ISACA.CISM.v2021-10-30.q999

Latest Upload: 287ISACA.CGEIT.v2025-09-19.q537; 153Fortinet.FCP_FWF_AD-7.4.v2025-09-18.q62; 154Scrum.SAFe-Practitioner.v2025-09-18.q63; 146Workday.Workday-Prism-Analytics.v2025-09-17.q17; 131Oracle.1Z0-1055-24.v2025-09-17.q28; 129Oracle.1Z1-182.v2025-09-17.q32; 244Nutanix.NCP-US-6.5.v2025-09-16.q73; 265Oracle.1z0-071.v2025-09-16.q232; 203Oracle.1Z1-922.v2025-09-16.q125; 325CyberArk.PAM-CDE-RECERT.v2025-09-15.q100

CISM Exam Question 111

CISM Exam Question 112

CISM Exam Question 113

CISM Exam Question 114

CISM Exam Question 115

Download PDF File