CISM: Information Security Roles And Responsibilities
Avg score: 57% Most missed: “The data custodian is primarily responsible for which of the following?”
25 Questions

1. Which of the following is an immediate benefit of having well-defined roles and responsibilities from an information security perspective?
2. Who is responsible for complying with the organization's security policies and standards?
3. Appointing a CISO indicates which of the following?
4. Information security is the responsibility of which of the following?
5. The responsibility for establishing information security controls in an application resides with which of the following?
6. The data custodian is primarily responsible for which of the following?
7. Prioritization of information security projects should be best conducted based on which of the following?
8. What is the best way to ensure that responsibilities are carried out?
9. Who is responsible for enforcing the access rights of employees?
10. What is the data retention policy primarily based on?
11. To determine the extent of sound processes, the maturity model is used. Another approach is to use which of the following?
12. Who should security policies be finally approved by?
13. What is the most important security aspect for a multi-national organization?
14. In the case of a disagreement between the IT team and security team on a security aspect, the security manager should do which of the following?
15. Who is responsible for information classification?
16. The main objective of integrating security-related roles and responsibilities is which of the following?
17. Information system access should be primarily authorized by which of the following?
18. Which of the following is the area of most concern for the information security manager?
19. The most likely authority to sponsor the implementation of new security infrastructure for business processes is which of the following?
20. What is the best way to gain support from senior management for information security projects?
21. The information security manager observed that the incident log is stored on a production database server. Which of the following is a major concern?
22. What is the prime role of an information security manager in a data classification process?
23. What is the responsibility of the information owner when complying with the information classification scheme?
24. The process of mapping job descriptions to relevant data access rights will help in adherence to which of the following security principles?
25. The effectiveness of SoD is best ensured by which of the following?