
ISACA CISM (Certified Information Security Manager) - 340 Questions

By Webmaster Certland

Practice exam for the ISACA Certified Information Security Manager (CISM) certification. Covers information security governance, risk management, information security program, and incident management.


Free Preview (5 of 340 questions)

1. A newly appointed CISO is tasked with developing an information security strategy for a large financial institution. Which of the following should be the FIRST step in this process?

A Understand the organization's business objectives and strategic goals
B Review the existing information security controls currently in place
C Conduct a comprehensive risk assessment across all IT systems
D Define information security policies and standards for the organization

2. An information security manager is presenting the value of the information security program to the board of directors. Which metric would BEST demonstrate the program's alignment with business objectives?

A Total number of security incidents detected and responded to during the year
B Reduction in business risk exposure expressed in financial terms
C Percentage of systems that have been patched within the defined SLA
D Security budget utilization rate compared to approved budget

3. A company's information security governance framework needs to be aligned with corporate governance. Which of the following BEST describes this relationship?

A Information security governance operates independently from corporate governance
B Information security governance is a subset of IT governance only
C Information security governance is a subset of and must support corporate governance
D Information security governance supersedes corporate governance in security matters

4. An organization is establishing an information security steering committee. Who should serve as the committee CHAIR to ensure proper governance?

A A senior business executive such as the Chief Operating Officer
B The Chief Information Security Officer (CISO)
C The Chief Information Officer (CIO)
D The IT security manager responsible for daily operations

5. When developing an information security strategy, which framework BEST helps align information security governance with enterprise governance and business goals?

A ISO/IEC 27001 Information Security Management System standard
B COBIT (Control Objectives for Information and Related Technologies)
C NIST Cybersecurity Framework (CSF)
D ITIL (Information Technology Infrastructure Library)

