CISM: Information Security Governance
Avg score: 61% Most missed: “What is the main objective of the information security strategy?”
25 Questions

1. The timeline for the implementation of the information security strategic plan should be which of the following?
2. A road map for information security implementation is primarily based on which of the following?
3. Which of the following is the main reason for a change in policy?
4. 'Systems thinking' in reference to information security indicates which of the following?
5. The most important result of an information security strategy is which of the following?
6. The most important objective of the information security strategy is which of the following?
7. The best way to align the security goals with the business goals is which of the following?
8. The most important consideration while developing an information security strategy is which of the following?
9. Which of the following is the best approach for an information security manager when there is a disagreement between them and the business manager on security aspects of a new process?
10. The best way to address the conflicting requirements of a multinational organization's security policy with local regulations is which of the following?
11. The information security manager has been asked to implement a particular security standard. Which of the following is most effective to monitor this?
12. In an information security steering committee, there is no representation from user management. Which of the following is the main risk as a result of this?
13. Which of the following is considered the most significant key risk indicator?
14. An information security manager is asked to develop a cost-effective information security strategy. What is the most important step?
15. The first step in developing an information security plan is which of the following?
16. Which of the following should be the first action while developing an information security strategy?
17. The most important aspect from the perspective of senior management in an information security strategy is which of the following?
18. The objective of the information security strategy can be best described as which of the following?
19. Commitment and support from senior management with respect to information security can be best addressed by which of the following?
20. The most important factor to be included in the information security strategic plan is which of the following?
21. The main objective of designing an information security strategy is which of the following?
22. The prime objective of developing an information security strategy is which of the following?
23. Immediately after implementing access control for the internet, employees started complaining of being unable to perform business functions on internet sites. This is an example of which of the following?
24. Accountability for information categorization and protective measures resides with which of the following?
25. While developing the security strategy, the security manager should be most concerned about which of the following?