Quiz CISM

Quiz CISM, Certified Information Security Manager

Which of the following BEST indicates a successful risk management practice?

Which of the following would generally have the GREATEST negative impact on an organization?

which of the following to determine the amount of resources devoted to mitigating exposures?

Which of the following will BEST protect an organization from internal security attacks?

For risk management purposes, the value of an asset should be based on:

In a business impact analysis, the value of an information system should be based on the overall cost:

Acceptable risk is achieved when:

The value of information assets is BEST determined by:

which phase of development is it MOST appropriate to begin assessing the risk of a new application system?

The MOST effective way to incorporate risk management practices into existing production systems is through: