
CISM Question #386: Real Exam Question with Answer & Explanation

The correct answer is A: Facilitate consistent implementation of security requirements.

Submitted by jaden.t · Apr 18, 2026 · Information Security Governance

Question

Which of the following is the BEST reason to implement an information security architecture?

Options

  • A. Facilitate consistent implementation of security requirements.
  • B. Serve as a post-deployment information security road map.
  • C. Fast-track the deployment of information security components.
  • D. Assess the cost-effectiveness of the integration.

Explanation

An information security architecture provides a structured blueprint that ensures security controls, policies, and standards are applied consistently and cohesively across the organization. It translates high-level security requirements into implementable patterns that development and operations teams can follow repeatedly. Serving as a post-deployment road map (B) is incorrect because architecture is used proactively before and during deployment, not retrospectively. Fast-tracking deployment (C) mischaracterizes the purpose; architecture adds rigor, which may slow individual projects but improves overall quality. Assessing cost-effectiveness (D) is an analysis activity and a secondary benefit, not the primary reason to implement an architecture.

Topics

#Information Security Architecture #Security Requirements #Consistent Implementation #Security Governance
