CISM Question #857: Real Exam Question with Answer & Explanation
The correct answer is C: Integrating security requirements with processes. Integrating security requirements into business unit processes embeds governance into day-to-day operations, making compliance practical and consistent rather than dependent on standards alone or after-the-fact reporting.
Submitted by paula_co · Apr 18, 2026 · Information Security Program Development and Management
Question
Which of the following is the MOST effective way of ensuring that business units comply with an information security governance framework?
Options
- A. Establishing well-defined security standards
- B. Conducting a business impact analysis (BIA)
- C. Integrating security requirements with processes
- D. Providing regular senior management reporting
Explanation
Integrating security requirements into business unit processes embeds governance into day-to-day operations, making compliance practical and consistent rather than dependent on standards alone or after-the-fact reporting.
Topics
#Information security governance #Compliance #Process integration #Security program management