CISM • Practice Test 31
Free CISM practice test — 15 questions with explanations. Set 31. No signup required.
Refer to the exhibit. The audit finding reveals a deficiency in which critical aspect of information security governance?
Refer to the exhibit. ``` Audit Finding Report: Audit ID: A-2025-003 Date: 2025-03-15 Scope: Information Security Governance Finding: The organization's information security strategy does not include measurable objectives aligned with business goals. The strategy document states: 'To protect information assets from threats.' There are no defined key performance indicators (KPIs) or targets. Recommendation: Develop a security strategy with specific, measurable objectives linked to business outcomes. ```