Copyright www.techeXams.ws2011
CISM Practice Exams, CISM Audio Trainings, CISM Study Guides
B. Chief operating officer (COO)
C. Chief privacy officer (CPO)
D. Chief legal counsel (CLC)

Answer: B

Explanation:
The chief operating officer (COO) is most knowledgeable of business operations and
objectives. The chief privacy officer (CPO) and the chief legal counsel (CLC) may not have
the knowledge of the day-to-day business operations to ensure proper guidance,
although they have the same influence within the organization as the COO. Although the
chief security officer (CSO) is knowledgeable of what is needed, the sponsor for this task
should be someone with far-reaching influence across the organization.

Question: 29
Which of the following would be the MOST important goal of an information
security governance program?

A. Review of internal control mechanisms
B. Effective involvement in business decision making
C. Total elimination of risk factors
D. Ensuring trust in data

Answer: D

Explanation:
The development of trust in the integrity of information among stakeholders should be
the primary goal of information security governance. Review of internal control
mechanisms relates more to auditing, while the total elimination of risk factors is not
practical or possible. Proactive involvement in business decision making implies that
security needs dictate business needs when, in fact, just the opposite is true. Involvement
in decision making is important only to ensure business data integrity so that data can be
trusted.

Question: 30