The primary purpose of deploying information security metrics is to provide information that is needed to make informed decisions regarding the organization's security posture and to help in managing and improving security. While the other options (A, B, and C) may be secondary benefits of using security metrics, the primary goal is to provide data and insights that enable decision-makers to assess the effectiveness of security measures, identify vulnerabilities, and allocate resources appropriately to address security risks.
D. provide information needed to make decisions. The primary purpose for deploying information security metrics is to provide the organization with the information it needs to make informed decisions about the management and protection of its information assets. This includes measuring the effectiveness of the organization's information security program, identifying areas for improvement, and tracking progress over time.
I think is A because is asked about the PRIMARY. And the primary should be making sure things are working as suppose, only after that can support making decisions.
This section is not available anymore. Please use the main Exam Page.CISM Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
ATT5832
5 months, 1 week agooluchecpoint
1 year, 7 months agorichck102
1 year, 9 months agowello
1 year, 10 months agoDravidian
1 year, 12 months agoCyberD1ver
2 years agoCarlPTY07
2 years, 1 month agoSouvik124
2 years, 2 months agoBroesweelies
2 years, 2 months agoMyKasala
2 years, 3 months agoprpslux
2 years, 3 months agoZiggybooboo
2 years, 5 months agok4d4v4r
2 years, 6 months ago