Isaca
CISM Question #492: Real Exam Question with Answer & Explanation
Submitted by saadiq_pk · Apr 18, 2026 · Information Security Risk Management
Question
A chief information security officer (CISO) has identified multiple critical risks with various financial, operational, and reputational impacts. Which of the following is the MOST effective approach for selecting risk treatment options that align with the organization's risk appetite?
Options
- A. Allocate equal budget for treating all identified critical risks.
- B. Prioritize controls that can be implemented in the shortest time.
- C. Use the organization's risk criteria as a key factor in choosing risk treatment strategies.
- D. Focus solely on risks with the highest financial implications, including the cost of risk treatment.
Topics
#risk treatment #risk appetite #risk criteria #risk management strategy