Exam CISM topic 1 question 213 discussion

Actual exam question from Isaca's CISM
Question #: 213
Topic #: 1

An information security manager is asked to provide a short presentation on the organization's current IT risk posture to the board of directors. Which of the following would be MOST effective to include in this presentation?

  • A. Gap analysis results
  • B. Risk register
  • C. Threat assessment results
  • D. Risk heat map
Suggested Answer: D

Comments

Broesweelies
Highly Voted 1 year, 5 months ago
Selected Answer: D
An effective way to include in a short presentation on the organization's current IT risk posture to the board of directors would be a risk heat map. A risk heat map is a visual representation of the organization's current risk posture, which allows the board of directors to quickly and easily understand the overall level of risk, as well as the areas of greatest concern. It can be used to highlight the most critical risks the organization is facing, including the likelihood and potential impact of each risk. The heat map can be used to communicate the current risk posture of the organization and the effectiveness of implemented controls. The board of directors can then make informed decisions on where to allocate resources to mitigate the most critical risks. While gap analysis results, risk register, threat assessment results can also be useful, a heat map is a more visually appealing and effective way to present the information to the board of directors.
upvoted 5 times
1899f17
Most Recent 1 month, 3 weeks ago
Why not B?
upvoted 1 times
afb4b17
1 month, 1 week ago
B gives too much detail. This is too much information for board members. A risk heat map gives focus to the most important items to be worried about.
upvoted 1 times
oluchecpoint
10 months, 2 weeks ago
D. Risk heat map. A risk heat map visually represents the organization's risks, typically using colors to indicate the severity or likelihood of each risk. This graphical representation makes it easy for non-technical board members to quickly grasp the state of IT risks. It provides a clear and concise overview of where the most significant risks lie and allows for easy prioritization and decision-making.
upvoted 1 times
richck102
1 year, 1 month ago
D. Risk heat map
upvoted 1 times