Exam CISM topic 1 question 712 discussion

The BEST evidence of alignment between corporate and information security governance is "B. Senior management sponsorship." Senior management sponsorship refers to the active involvement and support of senior management in the development and implementation of the information security program. This is a clear sign that the organization's leadership recognizes the importance of information security and is committed to ensuring its integration into the overall governance structure.

B - The organization’s leadership is committed to integrating information security into the overall business strategy. A (KPI) alone does not guarantee alignment with corporate governance.

What if you have cool KPIs but the senior management is not aligned? then for sure there is no good alignment...

B. Senior management sponsorship The best evidence of alignment between corporate and information security governance is senior management sponsorship. This indicates that the top-level executives and leaders within the organization are actively supporting and advocating for information security measures and policies. When senior management is involved and committed to information security, it signifies that security is a priority for the organization as a whole and is integrated into the corporate governance framework.

From the CISM Review Manual, 27th Edition (Page 51): "The effectiveness, efficiency, confidentiality, integrity, availability, compliance and reliability of information are strategic objectives enabled by information security governance...measurement methods might include scorecards and other key performance indicators."

The BEST evidence of alignment between corporate and information security governance is B. Senior management sponsorship. Senior management sponsorship is a strong indication of the alignment between corporate and information security governance. When senior management actively supports and champions information security initiatives, it demonstrates a commitment to integrating security into the overall corporate governance framework. This sponsorship provides the necessary authority, resources, and direction to ensure that information security is given appropriate attention and priority within the organization.

B. Senior management sponsorship

it' KPI. They are asking about alignment not what best drive

it' KPI. They are asking about alignment not what best drive

The best evidence of alignment between corporate and information security governance is the use of security key performance indicators (KPIs). A

BEST evidence would be senior management sponsorship

B. Senior management sponsorship.