CISM Question #590: Real Exam Question with Answer & Explanation

Sign in or unlock CISM to reveal the answer and full explanation for question #590. The question stem and answer options stay visible for context.

Submitted by jordan8· Apr 18, 2026Information Security Governance

Question

An organization has an ongoing security awareness training program. Employee participation has been decreasing over the year, while the number of malware and phishing incidents from email has been increasing. What is the information security manager's BEST course of action?

Options

AInclude regular phishing campaigns after each training session.
BReport the findings to senior management with recommendations.
CMake the training program mandatory for all employees.
DImplement a phishing reporting tool in the email system.

Unlock CISM to see the answer

You've previewed enough free CISM questions. Unlock CISM for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.

Unlock CISM - $49.99 / 30 days Sign in

Topics

#Security Awareness Program#Program Effectiveness#Senior Management Communication#Information Security Governance

Full CISM Practice Browse All CISM Questions