Exam CISM topic 1 question 576 discussion

Actual exam question from Isaca's CISM
Question #: 576
Topic #: 1

The PRIMARY goal of information security governance is to:

  • A. reduce risk to an acceptable level.
  • B. align with business processes.
  • C. align with business objectives.
  • D. establish a security strategy.
Suggested Answer: C

Comments

Josef4CISM
2 days, 22 hours ago
Selected Answer: C
It's a tough choice between A and C. Actually the security strategy should be aligned with business objectives. The security governance is derived from the security strategy, so it's inherent already. The main goal of security governance could be to reduce risk to an acceptable level, as a function of the security strategy. However, I still choose C - simply because I assume that's what ISACA wants to hear.
upvoted 1 times
oluchecpoint
4 months ago
Selected Answer: C
C. align with business objectives. The primary goal of information security governance is to align with business objectives. Information security governance is the process of establishing and maintaining a framework that ensures an organization's information security practices and measures are aligned with its overall business goals and objectives. While reducing risk to an acceptable level is an important aspect of information security governance, the ultimate aim is to ensure that security measures support and enhance the organization's broader business objectives. Alignment with business processes and the establishment of a security strategy are also important components of information security governance, but they serve the overarching goal of aligning with business objectives.
upvoted 2 times
d7a2ba6
3 weeks, 5 days ago
The ultimate goal cannot be to align with business objective. The goal is to reduce risk, the way to do it is by aligning with business objectives. If the goal is only to align, then it would be possible to reach the goal without any security relevance or risk reduction.
upvoted 1 times
richck102
6 months, 2 weeks ago
C. align with business objectives
upvoted 2 times
Souvik124
10 months, 4 weeks ago
The correct answer is C. align with business objectives.
upvoted 2 times
Community vote distribution: A (35%), C (25%), B (20%), Other