Which of the following approaches is BEST for selecting controls to minimize information security risks?
Answer(s): C
Which of the following is the MOST appropriate course of action when the risk occurrence rate is low but the impact is high?
Answer(s): A
Which of the following is the MOST effective way to communicate information security risk to senior management?
Security risk assessments should cover only information assets that:
Which of the following is an indicator of improvement in the ability to identify security risks?
Answer(s): D
Share your comments for ISACA CISM exam with other users:
A and D are True
good one with explanation
This is one of the most useful study guides I have ever used.
Keeping this site free takes real effort. We constantly battle automated scraping and unauthorized content copying. A quick account helps us protect the community and keep the site free.
To continue studying for your CISM, please sign in or create a free account.