exam questions

Exam CISM All Questions

View all questions & answers for the CISM exam

Exam CISM topic 1 question 606 discussion

Actual exam question from Isaca's CISM
Question #: 606
Topic #: 1
[All CISM Questions]

Which of the following is MOST helpful in ensuring an information security governance framework continues to support business objectives?

  • A. A consistent risk assessment methodology
  • B. A monitoring strategy
  • C. An effective organizational structure
  • D. Stakeholder buy-in
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Manzer
Highly Voted 2 years ago
Selected Answer: D
Stakeholders are the most important
upvoted 6 times
...
Broesweelies
Highly Voted 1 year, 11 months ago
Selected Answer: D
D. Stakeholder buy-in is the most helpful in ensuring an information security governance framework continues to support business objectives. For a framework to be effective, it must have the support and buy-in of all stakeholders, including executives, managers, employees, and customers. This involves communicating the importance of information security and ensuring that everyone understands their role in supporting the framework. When stakeholders are invested in the framework and understand its goals, they are more likely to follow policies and procedures, report incidents, and support continuous improvement.
upvoted 5 times
...
Thavee
Most Recent 9 months ago
Selected Answer: A
Not a good question what does it mean by "ensuring an information security governance framework continues to support business objectives?" Scenario 1 ensuring an information security governance framework continues to support (by not lacking of the resources) business objectives? ---> The answer is D. Scenario 2 ensuring an information security governance framework continues to support (due to its good policy/process/procedure/standard/guideline/etc) business objectives? ---> The answer is A --> consistent risk assessment methodology is needed in order to ensure that the framework shall always support the business objectives. I picked Scenario 2
upvoted 2 times
...
Thavee
9 months ago
Not a good question what does it mean by "ensuring an information security governance framework continues to support business objectives?" Scenario 1 ensuring an information security governance framework continues to support (by not lacking of the resources) business objectives? ---> The answer is D. Scenario 2 ensuring an information security governance framework continues to support (due to its good policy/process/procedure/standard/guideline/etc) business objectives? ---> The answer is A --> consistent risk assessment methodology is needed in order to ensure that the framework shall always support the business objectives.
upvoted 1 times
...
Soleandheel
1 year, 1 month ago
B. A monitoring strategy is the best answer option.......a monitoring strategy is essential for ensuring that an information security governance framework continues to support business objectives by continuously assessing and adapting security measures to the changing business landscape. It helps maintain the relevance and effectiveness of the governance framework in achieving business goals. Stakeholder buy-in is an important prerequisite for the effectiveness of a governance framework but monitoring ensures that the framework continues on an ongoing basis to support the business objectives. Monitoring keeps everything on the right path.
upvoted 1 times
Salilgen
10 months, 1 week ago
Business objectives could change over time. You only can ensure alignment by stakeholder buy-in
upvoted 1 times
...
...
koala_lay
1 year, 3 months ago
Selected Answer: D
All of the options listed are important for ensuring an information security governance framework continues to support business objectives. However, the option that is MOST helpful in this regard is: D. Stakeholder buy-in - Having buy-in from stakeholders is crucial for the successful implementation and ongoing support of an information security governance framework. When key stakeholders, such as senior management, executives, and other decision-makers, are actively involved and supportive of the framework, it increases the likelihood of adequate resources, support, and commitment to information security initiatives. Stakeholder buy-in ensures that the framework aligns with business objectives and receives the necessary support and attention to remain effective.
upvoted 1 times
...
CISSPST
1 year, 4 months ago
Stakeholders are comprised of business/system/data owners, and they are the most knowledgeable about their respective business objectives. Obtaining their buy-in is paramount.
upvoted 1 times
...
oluchecpoint
1 year, 4 months ago
Selected Answer: D
D. Stakeholder buy-in Stakeholder buy-in is the most critical factor in ensuring that an information security governance framework continues to support business objectives. Without the support and commitment of key stakeholders, including senior management and executives, it can be challenging to implement and maintain effective information security measures within an organization. Stakeholder buy-in ensures that there is alignment between the information security goals and the broader business objectives, which helps secure the necessary resources, funding, and attention required for a successful security program.
upvoted 1 times
...
richck102
1 year, 6 months ago
D. Stakeholder buy-in
upvoted 1 times
...
Souvik124
1 year, 11 months ago
stakeholder buy-in is the MOST helpful, as it ensures that the governance framework is aligned with the needs and goals of the organization.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...