Answer is B: Determine information security's impact on the achievement of organizational goals. Because understanding the business context is the first step to building a strategy that truly aligns.
C. Assess information security risk associated with the organizational goals, is also critical, but only after you know how security relates to those goals.
what a headache..I better choose C so to identify the risks that could stop the business from achieving those goals. That becomes the foundation of the strategy. apologies for changing my answer
B - Understanding how information security supports or affects organizational goals is essential. It ensures that security initiatives align with business objectives and priorities. Whereas C is - it comes after understanding the impact. Risk assessment builds upon the context provided by organizational goals
Going with C. The B says "impact on the achievement of organizational goals.". On the "achievement of organizational goals"? does not make sense. C seems more good, it talks about "Assess"
C. Assess information security risk associated with the organizational goals
upvoted 2 times
...
This section is not available anymore. Please use the main Exam Page.CISM Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
SHERLOCKAWS
1 month, 1 week agoSHERLOCKAWS
3 weeks, 1 day agoBooict
9 months, 2 weeks agoMarcelus1714
1 year, 2 months agoPOWNED
1 year, 3 months agoFantasyDream
1 year, 3 months agoPeteyPete
1 year, 3 months ago