To implement effective continuous monitoring of IT controls, an information security manager needs to first ensure that information assets have been classified. This includes identifying and prioritizing the organization's critical assets, such as sensitive data, systems, and infrastructure, and assessing the risks associated with them. Once the assets have been classified, the information security manager can then develop a monitoring plan that focuses on the most critical assets and risks.
Understanding the value and importance of information assets through classification is a fundamental step in designing an effective continuous monitoring program.
This section is not available anymore. Please use the main Exam Page.CISM Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Broesweelies
Highly Voted 1 year, 9 months agoats20
Most Recent 9 months, 3 weeks agowickhaarry
1 year, 1 month agorichck102
1 year, 5 months ago