CISM Information Security Programme • Set 9
CISM Information Security Programme Practice Test 9 — 15 questions with explanations. Free, no signup.
In designing a security programme for a mid-sized enterprise, the CISO is deciding which security framework to adopt for control selection. Which of the following frameworks is specifically structured around implementation groups (IG1, IG2, IG3) to help organizations prioritize controls based on risk and maturity?