CISM Question #129: Real Exam Question with Answer & Explanation

The correct answer is B: Accountability for security functions. To ensure security activities are adequately monitored, an information security manager should first establish accountability for security functions, clarifying who is responsible for what.

Submitted by mike_84 · Apr 18, 2026 · Information Security Governance

Question

Which of the following should an information security manager establish FIRST to ensure security-related activities are adequately monitored?

Options

  • A. Regular reviews of system logs
  • B. Accountability for security functions
  • C. Procedures for security assessments
  • D. Schedules for internal audits

Explanation

To ensure security activities are adequately monitored, an information security manager should first establish accountability for security functions, clarifying who is responsible for what.

Common mistakes.

  • A. Regular reviews of system logs are a monitoring activity, but they cannot be adequately performed or acted upon without established accountability.
  • C. Procedures for security assessments define how assessments are done, but accountability determines who initiates, oversees, and responds to them.
  • D. Schedules for internal audits are a part of monitoring, but accountability defines who is responsible for conducting the audits and addressing their findings.

Concept tested. Information security governance - accountability

Topics

#Accountability #Security Monitoring #Information Security Management #Governance
