nerdexam
(ISC)2

CISSP · Question #862

The application of which of the following standards would BEST reduce the potential for data breaches?

The correct answer is D. ISO 27001. ISO 27001 is the international standard specifically focused on information security management systems (ISMS), making it the most relevant for reducing data breaches. The other ISO standards address quality, event sustainability, and social responsibility respectively.

Submitted by minji_kr· Mar 5, 2026Security and Risk Management

Question

The application of which of the following standards would BEST reduce the potential for data breaches?

Options

  • AISO 9000
  • BISO 20121
  • CISO 26000
  • DISO 27001

How the community answered

(52 responses)
  • A
    2% (1)
  • B
    6% (3)
  • C
    2% (1)
  • D
    90% (47)

Why each option

ISO 27001 is the international standard specifically focused on information security management systems (ISMS), making it the most relevant for reducing data breaches. The other ISO standards address quality, event sustainability, and social responsibility respectively.

AISO 9000

ISO 9000 is a quality management standard focused on product and service quality processes, not information security or data protection.

BISO 20121

ISO 20121 is a sustainability management standard specifically for events and event supply chains, with no relevance to information security or data breach prevention.

CISO 26000

ISO 26000 provides guidance on social responsibility and ethical behavior for organizations, but does not address information security controls or data breach prevention mechanisms.

DISO 27001Correct

ISO 27001 defines requirements for establishing, implementing, maintaining, and continually improving an Information Security Management System (ISMS). It provides a risk-based framework with controls specifically designed to protect the confidentiality, integrity, and availability of information assets, directly addressing the root causes of data breaches through policies, access controls, encryption, and incident management.

Concept tested: ISO 27001 information security management standard

Source: https://www.iso.org/standard/27001

Topics

#ISO 27001#information security management system#data breaches#security standards

Community Discussion

No community discussion yet for this question.

Full CISSP Practice