The primary purpose for defining key risk indicators (KRIs) for a security program is to provide information needed to take action. KRIs help organizations identify and track the most critical risks they face, and allow them to prioritize and allocate resources to effectively mitigate those risks. By monitoring KRIs, organizations can quickly detect and respond to emerging threats, ensuring they are able to take appropriate action to minimize potential harm.
C. provide information needed to take action.
Key risk indicators (KRIs) are specific metrics or data points that are monitored to provide early warning signs of potential risks or issues in a security program. These indicators help organizations identify emerging threats, vulnerabilities, or weaknesses in their security posture so that they can take timely and appropriate actions to mitigate those risks. The primary goal of KRIs is to provide actionable information that enables organizations to proactively manage and address security risks.
This section is not available anymore. Please use the main Exam Page.CISM Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Broesweelies
Highly Voted 1 year, 5 months agooluchecpoint
Most Recent 10 months agorichck102
1 year, 1 month ago