ExamTopics Logo
Mail Us[email protected]
Menu
Isaca Discussions
exam questions

Exam CISM All Questions

View all questions & answers for the CISM exam
Go to Exam

Exam CISM topic 1 question 310 discussion

Actual exam question from Isaca's CISM
Question #: 310
Topic #: 1
[All CISM Questions]

An information security manager has identified that security risks are not being treated in a timely manner. Which of the following is the BEST way to address this situation?

  • A. Assign a risk owner to each risk.
  • B. Create mitigating controls to manage the risks.
  • C. Provide regular updates about the current state of the risks.
  • D. Re-perform risk analysis at regular intervals.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by richck102 at June 6, 2023, 7:11 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
yottabyte
9 months, 3 weeks ago
Selected Answer: A
A for Accountability will be the best choice here!
upvoted 3 times
...
SpaceMonkey1
1 year ago
A for accountability.
upvoted 2 times
...
oluchecpoint
1 year, 4 months ago
A. Assign a risk owner to each risk. Assigning a risk owner is a crucial step in the risk management process. When there is a clear owner responsible for each identified risk, it ensures accountability and ownership of the risk treatment process. The risk owner is responsible for implementing necessary controls, monitoring the risk, and taking action if the risk escalates or changes. This helps ensure that risks are addressed in a timely and effective manner.
upvoted 2 times
...
Hugo1717
1 year, 4 months ago
Selected Answer: A
The correct answer is A. Assign a risk owner to each risk. Explanation: Among the options provided, the best way to address the situation of security risks not being treated in a timely manner is to assign a risk owner to each risk. Here's why this option is the best way to address the situation: A. Assign a risk owner to each risk: Assigning a risk owner makes someone accountable for the management and treatment of each specific risk. This accountability increases the likelihood of timely and effective risk treatment. The risk owner is responsible for ensuring that appropriate mitigating actions are taken to address the risk.
upvoted 2 times
...
Akam
1 year, 5 months ago
Selected Answer: C
It's C. It's talking about time. if it's appropriate to select option A, it would be also appropriate to select option B.
upvoted 1 times
...
sphenixfire
1 year, 5 months ago
Selected Answer: C
Nope ir was regarding time.
upvoted 1 times
...
richck102
1 year, 7 months ago
Selected Answer: A
A. Assign a risk owner to each risk.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel