
Exam CISA topic 1 question 663 discussion

Actual exam question from Isaca's CISA
Question #: 663
Topic #: 1

Which of the following is the MAIN purpose of an information security management system?

  • A. To enhance the impact of reports used to monitor information security incidents
  • B. To reduce the frequency and impact of information security incidents
  • C. To identify and eliminate the root causes of information security incidents
  • D. To keep information security policies and procedures up-to-date
Suggested Answer: B

Comments

Swallows
4 months ago
Selected Answer: B
An information security management system provides an organization with a structured approach to address information security incidents and minimize their frequency and impact, including implementing appropriate security measures, assessing and managing risks, quickly detecting and responding to incidents, and strengthening preventive measures.
upvoted 1 times
...
RS66
4 months, 1 week ago
Selected Answer: B
ISMS contains a lot more than policies and procedures. I say B and not D.
upvoted 2 times
...
[Removed]
11 months, 2 weeks ago
Selected Answer: B
An ISMS is usually implemented as the result of risk analysis to eliminate or reduce risk to an acceptable level.
upvoted 1 times
...
JONESKA
1 year, 4 months ago
Should be B. Keeping information security policies and procedures up-to-date (option D) is an important aspect of an ISMS, but it is not the main purpose. An ISMS involves a more comprehensive approach to managing information security, encompassing not only policies and procedures but also risk assessment, controls implementation, monitoring, and continuous improvement.
upvoted 2 times
...
m4s7er
1 year, 9 months ago
Answer is B.
upvoted 2 times
...
Deeplaxmi
2 years, 2 months ago
I feel B.
upvoted 1 times
...
Jhenn
3 years, 3 months ago
B is the answer: An information security management system (ISMS) is a set of policies and procedures for systematically managing an organization's sensitive data. The goal of an ISMS is to minimize risk and ensure business continuity by proactively limiting the impact of a security breach.
upvoted 1 times
...
inddir
3 years, 5 months ago
Answer should be B because that should be the MAIN purpose or outcome of security policies and procedures.
upvoted 1 times
...
Nehalpandya
3 years, 6 months ago
Correct answer should be D.
upvoted 1 times
Clair665
3 years, 5 months ago
No, I think the answer is B.
upvoted 1 times
...
...