Study tips CISM

Information security managers should use risk assessment techniques to:

In assessing risk, it is MOST essential to:

which of the following areas?

When the computer incident response team (CIRT) finds clear evidence that a hacker has penetrated the corporate network…

The PRIMARY goal of a corporate risk management program is to ensure that an organization’s:

It is important to classify and determine relative sensitivity of assets to ensure that:

In this situation an information security manager should:

By doing so, the net effect will be to PRIMARILY reduce the:

which of the following is MOST important to estimate the potential loss?

Before conducting a formal risk assessment of an organization’s information resources, an information security manager should FIRST: