100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
Previously searched by you
Previously searched by you
logo
Certified Information Security Manager - Chapter 3 Questions and Answers (100% Correct) CA$19.47   Add to cart
Quickly navigate to
Preview
  2.  
  3. CISM
  4.  
  5. CISM

Exam (elaborations)

Certified Information Security Manager - Chapter 3 Questions and Answers (100% Correct)
 6 views  0 purchase
  • Course
  • CISM
  • Institution
  • CISM

©PREP4EXAMS 2024/2025 REAL EXAM DUMPS Tuesday, August 6, 2024 10,57 AM 1 Certified Information Security Manager - Chapter 3 Questions and Answers (100% Correct) 3.0 INTRODUCTION What is the purpose of the information security program? - Answer️️ -The purpose of the infosec prg is to exec...

[Show more]

Preview 4 out of 79  pages

Document information

  • August 16, 2024
  • 79
  • 2024/2025
  • Exam (elaborations)
  • Questions & answers

Subjects

  • certified information security manager chapter 3

Written for

  • CISM
  • CISM

Seller

avatar-seller
OliviaWest

Reviews received

Content preview

©PREP4EXAMS 2024/2025 REAL EXAM DUMPS Tuesday, August 6, 2024 10,57 AM



Certified Information Security Manager - Chapter 3
Questions and Answers (100% Correct)


3.0 INTRODUCTION


What is the purpose of the information security program? - Answer✔️✔️-The

purpose of the infosec prg is to execute the strategy and achieve the org objectives

for acceptable levels of risk and business disruption.

3.0 INTRODUCTION

What is the road map based on? What is done to create it (high level)? -

Answer✔️✔️-Roadmap is made based on strategy. Set high level objectives or goals

and desired outcomes with a plan to achieve..

3.0 INTRODUCTION


What is in a roadmap? What is it used for? - Answer✔️✔️-Roadmaps are a plan that

has detailed steps to achieve goals/obj in strategy.




The plans include activities required to manage, maintain, and improve cost-

effectiveness of the prg



1

,©PREP4EXAMS 2024/2025 REAL EXAM DUMPS Tuesday, August 6, 2024 10,57 AM


3.0 INTRODUCTION

For management to be effective, this needs to be done _________________. -

Answer✔️✔️-For management to be effective, good metrics and monitor need to be

done.

3.0 INTRODUCTION

For management to be effective, what else must be monitored, in addition metrics

at the operational, tactical, and strategic levels? - Answer✔️✔️-For management to

be effective, what else needs to be monitoring in addition to metrics at the

operational, tactical, and strategic levels?




1. Essential controls

2. Key risk indicators to warn of change risk

3. Internal and external environments

4. Compliance with policies and standards

3.0 INTRODUCTION


What are the main levels in which metrics must be monitored? - Answer✔️✔️-

Metrics must be monitored at the operational, tactical, and strategic levels.



2

,©PREP4EXAMS 2024/2025 REAL EXAM DUMPS Tuesday, August 6, 2024 10,57 AM


3.1 INFORMATION SECURITY MGMT OVERVIEW


What does infosec prg include? - Answer✔️✔️-Infosec prgm encompasses all

activities and resources that provide infosec services to an org. These primarily

include




1. Design

2. Development

3. Integration of enterprise wide controls related to infosec

4. Ongoing administration and mgmt of ctrls

3.1 INFORMATION SECURITY MGMT OVERVIEW


What skills will ISM need to gain expertise in? - Answer✔️✔️-ISMs will need to

gain skills in




1. Budgeting

2. Planning

3. Business case development

4. Recruiting


3

, ©PREP4EXAMS 2024/2025 REAL EXAM DUMPS Tuesday, August 6, 2024 10,57 AM


5. Other personnel related functions

3.1 INFORMATION SECURITY MGMT OVERVIEW


What are the three essential elements to a program? - Answer✔️✔️-Design,

implementation, and management




1. Prg must be executed in close alignment with infosec strategy. Must meet

supporting org objectives

2. Prg must be designed with support from mgmt and stakeholders

3. Metrics must be developed for prg design, implementation, and ongoing prg

mgmt phases to determine if prg is doing well.

3.1 INFORMATION SECURITY MGMT OVERVIEW


When you start building an infosec prg, what activities do you do? - Answer✔️✔️-

To building an infosec prg, you must




1. Define overall objectives for infosec. These should link to org objs.

2. Need methodologies for achieving desired state.




4

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller OliviaWest. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for CA$19.47. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

81989 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy study notes for 14 years now

Start selling
CA$19.47
  • (0)
  Add to cart