Study tips CISM

Which of the following is the MAIN objective in contracting with an external company to perform penetration testing?

The MAIN job requirement in this arrangement is that the IT manager:

Which of the following access control approaches is MOST appropriate?

A critical component of a continuous improvement program for information security is:

Which of the following is the MOST likely outcome of a well-designed information security awareness course?

Which item would be the BEST to include in the information security awareness training program for new general staff employees?