Correct answer is B: Regular IT balanced scorecards are communicated. Because it reflects measured performance, strategic alignment, and the program’s ability to demonstrate value and accountability — core CISM principles.
Not B because, balance scorecard does not directly indicate the effectiveness of the security program in terms of detecting and responding to incidents. Balanced scorecards provide a high-level overview of various metrics but may not capture the nuances of incident detection and reporting improvements
In summary, regular communication of balanced scorecards provides a more holistic and ongoing assessment of the information security program's effectiveness, making option B the best choice.
This section is not available anymore. Please use the main Exam Page.CISM Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
SHERLOCKAWS
4 months, 3 weeks agoBooict
1 year agomaisarajarrah
1 year, 7 months agokillainc
1 year, 7 months agorichck102
1 year, 10 months agoAaronS1990
1 year, 11 months agoSaisharan
1 year, 12 months agoAidanSun
2 years agoEwunia
2 years agoAleksandra1987
2 years ago