B. The program is aligned to a security control framework.
A security control framework provides a structured approach for identifying, assessing, and mitigating information security risks. It is important to align an information security program to a security control framework in order to ensure that the program is comprehensive and that all necessary security controls are in place. The alignment with a security control framework also helps to ensure that the organization is compliant with relevant laws, regulations and industry standards.
Aligning the security framework to best practices is advisable as it will increase the credibility of your programme. BUT it is not as important as user training and awareness. You can have the best security programme in the world - it will be useless, if users dont care.
Want to chime in and state that when a question involves MOST and training/education is one of the answers, 95% of the time the correct answer is training/education. Why? Because we all know users are the largest threat to any business.
This is definitely D. Once again the people saying B have used chatGPT and haven't got a clue what they're on about.
How can you cay that it is more useful for a security program to follow a framework (of which there are several) than it is for you employees to be educated and properly trained?
ISACA emphasizes the importance of aligning the information security program with recognized security control frameworks.
This alignment helps organizations establish a structured and comprehensive approach to information security management.
ISACA's CISM (Certified Information Security Manager) certification focuses on information security management and requires candidates to have a deep understanding of establishing, managing, and governing information security programs. One of the key aspects of a successful information security program, as emphasized by ISACA, is the alignment to a security control framework.
This section is not available anymore. Please use the main Exam Page.CISM Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Manzer
Highly Voted 2 years, 1 month agoBroesweelies
Highly Voted 1 year, 11 months agoJosef4CISM
Most Recent 6 months, 1 week ago03allen
8 months, 1 week agooluchecpoint
11 months, 2 weeks agoPOWNED
1 year agojcisco123
1 year agoAaronS1990
1 year, 5 months agoAaronS1990
1 year, 5 months agooluchecpoint
1 year, 3 months agorichck102
1 year, 6 months agoSaisharan
1 year, 7 months agomad68
1 year, 8 months agomeelaan
1 year, 9 months agoaokisan
2 years, 1 month ago