Exam CISM topic 1 question 36 discussion

Actual exam question from Isaca's CISM
Question #: 36
Topic #: 1

An organization's CIO has tasked the information security manager with drafting the charter for an information security steering committee. The committee will be comprised of the CIO, the IT shared services manager, the vice president of marketing, and the information security manager. Which of the following is the MOST significant issue with the development of this committee?

  • A. The committee consists of too many senior executives.
  • B. The committee lacks sufficient business representation.
  • C. There is a conflict of interest between the business and IT.
  • D. The CIO is not taking charge of the committee.
Suggested Answer: B

Comments

Viperhunter
3 months, 3 weeks ago
Selected Answer: B
The composition of the committee includes the CIO, the IT shared services manager, the information security manager, and the vice president of marketing. While the CIO and IT shared services manager represent the IT function, and the information security manager represents security, having only the vice president of marketing as a representative from the business may not provide sufficient business representation. A more balanced and comprehensive steering committee would typically include key stakeholders from various business units to ensure that information security decisions align with overall business objectives. While the other options may have some relevance, the lack of sufficient business representation is generally a more critical concern for the effectiveness and holistic alignment of the information security steering committee with the organization's overall goals.
upvoted 1 times
...
oluchecpoint
6 months, 2 weeks ago
B. To address this issue, the organization should consider expanding the committee's membership to include more representatives from various business units, ensuring that a wider range of business interests and perspectives are taken into account when making information security decisions. This can help improve alignment between information security efforts and the organization's overall business objectives.
upvoted 1 times
...
richck102
10 months ago
B. The committee lacks sufficient business representation.
upvoted 3 times
...
CarlLimps
1 year, 1 month ago
Selected Answer: B
Yessirre! B. The committee lacks sufficient business representation.
upvoted 3 times
...