I think answer is A. Test results are more credible than user opinion (option C).
Increase in the frequency of phishing tests doesn't ensure effectiveness of training.
Increase in the speed of incident resolution is not strictly related to awareness: it depends above all on the effectiveness of the incident resolution process.
An increase in positive user feedback is the most comprehensive and direct indicator of an effective information security awareness training program because it reflects user satisfaction and engagement with the training content and its impact on their security awareness. However, it's advisable to use a combination of these indicators to get a more complete picture of the program's effectiveness.
Note: An increase in the identification rate during phishing simulations: This is a specific and measurable metric related to security awareness. However, it doesn't necessarily capture the overall effectiveness of the training program because it focuses only on one aspect (phishing simulations) and doesn't consider the broader impact of the training.
This section is not available anymore. Please use the main Exam Page.CISM Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Salilgen
11 months, 1 week agooluchecpoint
1 year, 5 months agoozlem
1 year, 3 months agorichck102
1 year, 7 months agocosmo4ng
1 year, 10 months agoomaigret
2 years ago