ISACA CISM (Information Security Governance, Domain 1) Practice Questions and Answers (100% Pass)
©PREP4EXAMS 2024/2025 REAL EXAM DUMPS Tuesday, August 6, 2024 10:57 AM

Maintain Info Sec Strategy with organization to meet? - Answer: Goals and objectives
Organizational goals and objectives guide management to meet? - Answer: Info Sec Program
Info Sec governance framework guides/supports? - Answer: Activities of Info Sec strategy
Integrate Info Sec governance with corporate governance to ensure? - Answer: Organizational goals and objectives are supported by the security program.
Policies guide and will develop? - Answer: Standards, procedures, and guidelines
Standards, procedures, and guidelines align with? - Answer: Enterprise goals and objectives
Techniques to develop the security strategy? - Answer: SWOT, gap analysis, threat research
Business cases support? - Answer: Investments in information security
Ongoing support from _____________ supports successful implementation of the Info Sec strategy? - Answer: Senior leadership and stakeholders
Establish, monitor, evaluate and report key Info Sec metrics to? - Answer: Management for accurate and meaningful info regarding the effectiveness of the Info Sec program.
The Info Sec governance framework guides activities to support? - Answer: The Info Sec strategy
Ensure internal and external influences to the organization are continually addressed by the Info Sec program. Give examples? - Answer: Emerging technologies, social media, business environment, risk tolerance, regulatory requirements, third-party considerations, threat landscape
The strategy documents the? - Answer: Direction and goals for the Info Sec program
For Info Sec to be effective, what is needed to protect info assets? - Answer: An Info Sec strategy is essential
Who determines the strategy? - Answer: Senior Management
The strategy provides the basis to implement? - Answer: Effective Info Sec governance
What is Governance? - Answer: The rules to run the organization
Policies, standards, and procedures are used to? - Answer: Set the direction and control the organization's activities
The first step in establishing an Info Sec governance? - Answer: Senior management determines the outcomes it wants from Info Sec program
Security program outcomes are stated in terms of? - Answer: Often stated in terms of Risk Management and the levels of acceptable risk
The Security Program outcomes are determined by? - Answer: Senior management and business unit leaders
The ISM then has the information needed to develop? - Answer: A set of requirements for a security program, then followed by objectives, to satisfy the requirements.
An element of developing the strategy is to develop? - Answer: Objectives or the desired state
The desired state is based on the outcomes set by? - Answer: Senior Management
What assists with defining the desired state? - Answer: A variety of frameworks
The outcomes and levels of acceptable risk should? - Answer: Be determined and used to set control objectives
What does the ISM use to move from the current to the desired state? - Answer: Gap analysis, becomes the basis of the strategy
What is used to identify specifics needed to achieve objectives? - Answer: Roadmap
What is identified to navigate the road map and implement strategy? - Answer: Identify resources
What constraints should you consider? - Answer: Time limits, skills available, funding, laws and regulations
Many resources should be considered for achieving the strategy's objectives? - Answer: Technologies, standards, and processes
Info Sec governance needs to be integrated into the? - Answer: Overall governance structure to ensure that the organizational goals are supported by the Info Sec program
The governance framework is an outline or skeleton of interlinked items that support? - Answer: A particular approach to a specific objective as stated in the strategy
Name the frameworks? - Answer: COBIT 5, ISO/IEC 27000
What does a framework do? - Answer: Integrate and guide activities needed to implement the security strategy
Info Sec governance is a subset of corporate governance and must be consistent with? - Answer: Enterprise's governance
Security policies are designed to? - Answer: Mitigate risk and are usually developed in response to an actual or perceived threat
Policies state management? - Answer: Intent and direction at a high level
Policies are developed or modified to support? - Answer: The s
Written for
- Institution: CISM
- Course: CISM
Document information
- Uploaded on: August 16, 2024
- Number of pages: 31
- Written in: 2024/2025
- Type: Exam (elaborations)
- Contains: Questions & answers
Subjects
- isaca cism information security governance domai