Find Resources and Connect with members on topics that interest you.

AI - Acquire and Implement

PO - Plan and Organize

DS - Deliver and Support

Please sign in to see your topics.

Subscribe to this discussion

Question of the day - 13 April

CISM Candidates - test your knowledge and exam preparedness with this practice question.

The MOST effective approach to address issues that arise between IT management, business units and security management when implementing a new security strategy is for the information security manager to:

A. escalate issues to an external third party for resolution.

B. ensure that senior management provide authority for security to address the issues.

C. insist that managers or units not in agreement with the security solution accept the risk.

D. refer the issues to senior management along with any security recommendations.

You must sign in to rate content.
(Unrated)

Comments

RE: Question of the day - 13 April

D
Bhavya628Lively at 4/13/2017 5:27:33 AM Quote
You must sign in to rate content.
(Unrated)

RE: Question of the day - 13 April

Agree with Bhavy, should be D because the Senior Management has the right understanding, position and strategic view overall to play the arbitre role. Business units have to wait for Leadership's input prior accepting the risk and so is the delegation of the authority to others.
VENCISLAV DIMKINEnergizer at 4/13/2017 6:48:49 AM Quote
You must sign in to rate content.
(Unrated)

RE: Question of the day - 13 April

Omar795Energizer at 4/13/2017 11:02:00 AM Quote
You must sign in to rate content.
(Unrated)

RE: Question of the day - 13 April

I also agree that scalating this situation to senior management is the best approach.
D.

Omar795Energizer at 4/13/2017 11:03:00 AM Quote
You must sign in to rate content.
(Unrated)

RE: Question of the day - 13 April

D. Referring the issues to senior management along with any security recommendations is the most effective way to go. All the other options will not address the problem.
RAMADJI757Social at 4/13/2017 12:43:12 PM Quote
You must sign in to rate content.
(Unrated)

RE: Question of the day - 13 April

Yes it is D. 
Sathishkumar745Social at 4/13/2017 9:56:25 PM Quote
You must sign in to rate content.
(Unrated)

RE: Question of the day - 13 April

Yup it should be D
Amit190Lively at 4/14/2017 3:33:25 AM Quote
You must sign in to rate content.
(Unrated)

RE: Question of the day - 13 April

D
Ericka571Lively at 4/17/2017 7:54:37 AM Quote
You must sign in to rate content.
(Unrated)

RE: Question of the day - 13 April

D - Indeed
Raphael082Energizer at 4/17/2017 1:05:12 PM Quote
You must sign in to rate content.
(Unrated)

RE: Question of the day - 13 April

Agree with all. - D, should be right. Disputes among business/functional units within any organisation should be effectively resolved by senior management with recommendations. One must understand that Snr. management defines the risk level for the organisation and for that reason they will be in the best position to know what do in respect to the disagreement between departmental units ( i.e, in the risk sense). Although, Snr, management hold the power to make the best decision without any recommendation, it is wise that the Info Sec manager will make a conscious effort to provide a recommendation to give management a second thought/view of the situation a security perspective. 
Raphael082Energizer at 4/17/2017 1:20:06 PM Quote
You must sign in to rate content.
(Unrated)

RE: Question of the day - 13 April

Thank you to everyone who shared answers and thoughts on this question. The answer is D and the official explanation is . . .

Senior management is in the best position to arbitrate since they will look at the overall needs of the business in reaching a decision. The authority may be delegated to others by senior management after their review of the issues and security recommendations. Units should not be asked to accept the risk without first receiving input from senior management.

My personal opinion - even with seemingly "straight-forward" practice questions take time to read and understand the explanations provided. Understanding why an answer is correct means you will be well placed to apply the knowledge when you are faced with actual questions in the exam.

Peter O'TooleInfluential at 4/18/2017 5:10:21 AM Quote
You must sign in to rate content.
(Unrated)

RE: Question of the day - 13 April

Thank you to everyone who shared answers and thoughts on this question. The answer is D and the official explanation is . . .

Senior management is in the best position to arbitrate since they will look at the overall needs of the business in reaching a decision. The authority may be delegated to others by senior management after their review of the issues and security recommendations. Units should not be asked to accept the risk without first receiving input from senior management.

My personal opinion - even with seemingly "straight-forward" practice questions take time to read and understand the explanations provided. Understanding why an answer is correct means you will be well placed to apply the knowledge when you are faced with actual questions in the exam.

Peter O'TooleInfluential at 4/18/2017 5:10:21 AM Quote
You must sign in to rate content.
(Unrated)

RE: Question of the day - 13 April

Agree with all. - D, should be right. Disputes among business/functional units within any organisation should be effectively resolved by senior management with recommendations. One must understand that Snr. management defines the risk level for the organisation and for that reason they will be in the best position to know what do in respect to the disagreement between departmental units ( i.e, in the risk sense). Although, Snr, management hold the power to make the best decision without any recommendation, it is wise that the Info Sec manager will make a conscious effort to provide a recommendation to give management a second thought/view of the situation a security perspective. 
Raphael082Energizer at 4/17/2017 1:20:06 PM Quote
You must sign in to rate content.
(Unrated)

RE: Question of the day - 13 April

D - Indeed
Raphael082Energizer at 4/17/2017 1:05:12 PM Quote
You must sign in to rate content.
(Unrated)

RE: Question of the day - 13 April

D
Ericka571Lively at 4/17/2017 7:54:37 AM Quote
You must sign in to rate content.
(Unrated)

RE: Question of the day - 13 April

Yup it should be D
Amit190Lively at 4/14/2017 3:33:25 AM Quote
You must sign in to rate content.
(Unrated)

RE: Question of the day - 13 April

Yes it is D. 
Sathishkumar745Social at 4/13/2017 9:56:25 PM Quote
You must sign in to rate content.
(Unrated)

RE: Question of the day - 13 April

D. Referring the issues to senior management along with any security recommendations is the most effective way to go. All the other options will not address the problem.
RAMADJI757Social at 4/13/2017 12:43:12 PM Quote
You must sign in to rate content.
(Unrated)

RE: Question of the day - 13 April

I also agree that scalating this situation to senior management is the best approach.
D.

Omar795Energizer at 4/13/2017 11:03:00 AM Quote
You must sign in to rate content.
(Unrated)

RE: Question of the day - 13 April

Omar795Energizer at 4/13/2017 11:02:00 AM Quote
You must sign in to rate content.
(Unrated)

RE: Question of the day - 13 April

Agree with Bhavy, should be D because the Senior Management has the right understanding, position and strategic view overall to play the arbitre role. Business units have to wait for Leadership's input prior accepting the risk and so is the delegation of the authority to others.
VENCISLAV DIMKINEnergizer at 4/13/2017 6:48:49 AM Quote
You must sign in to rate content.
(Unrated)

RE: Question of the day - 13 April

D
Bhavya628Lively at 4/13/2017 5:27:33 AM Quote
You must sign in to rate content.
(Unrated)

RE: Question of the day - 13 April

D
Bhavya628Lively at 4/13/2017 5:27:33 AM Quote
You must sign in to rate content.
(Unrated)

RE: Question of the day - 13 April

Agree with Bhavy, should be D because the Senior Management has the right understanding, position and strategic view overall to play the arbitre role. Business units have to wait for Leadership's input prior accepting the risk and so is the delegation of the authority to others.
VENCISLAV DIMKINEnergizer at 4/13/2017 6:48:49 AM Quote
You must sign in to rate content.
(Unrated)

RE: Question of the day - 13 April

Omar795Energizer at 4/13/2017 11:02:00 AM Quote
You must sign in to rate content.
(Unrated)

RE: Question of the day - 13 April

I also agree that scalating this situation to senior management is the best approach.
D.

Omar795Energizer at 4/13/2017 11:03:00 AM Quote
You must sign in to rate content.
(Unrated)

RE: Question of the day - 13 April

D. Referring the issues to senior management along with any security recommendations is the most effective way to go. All the other options will not address the problem.
RAMADJI757Social at 4/13/2017 12:43:12 PM Quote
You must sign in to rate content.
(Unrated)

RE: Question of the day - 13 April

Yes it is D. 
Sathishkumar745Social at 4/13/2017 9:56:25 PM Quote
You must sign in to rate content.
(Unrated)

RE: Question of the day - 13 April

Yup it should be D
Amit190Lively at 4/14/2017 3:33:25 AM Quote
You must sign in to rate content.
(Unrated)

RE: Question of the day - 13 April

D
Ericka571Lively at 4/17/2017 7:54:37 AM Quote
You must sign in to rate content.
(Unrated)

RE: Question of the day - 13 April

D - Indeed
Raphael082Energizer at 4/17/2017 1:05:12 PM Quote
You must sign in to rate content.
(Unrated)

RE: Question of the day - 13 April

Agree with all. - D, should be right. Disputes among business/functional units within any organisation should be effectively resolved by senior management with recommendations. One must understand that Snr. management defines the risk level for the organisation and for that reason they will be in the best position to know what do in respect to the disagreement between departmental units ( i.e, in the risk sense). Although, Snr, management hold the power to make the best decision without any recommendation, it is wise that the Info Sec manager will make a conscious effort to provide a recommendation to give management a second thought/view of the situation a security perspective. 
Raphael082Energizer at 4/17/2017 1:20:06 PM Quote
You must sign in to rate content.
(Unrated)

RE: Question of the day - 13 April

Thank you to everyone who shared answers and thoughts on this question. The answer is D and the official explanation is . . .

Senior management is in the best position to arbitrate since they will look at the overall needs of the business in reaching a decision. The authority may be delegated to others by senior management after their review of the issues and security recommendations. Units should not be asked to accept the risk without first receiving input from senior management.

My personal opinion - even with seemingly "straight-forward" practice questions take time to read and understand the explanations provided. Understanding why an answer is correct means you will be well placed to apply the knowledge when you are faced with actual questions in the exam.

Peter O'TooleInfluential at 4/18/2017 5:10:21 AM Quote
You must sign in to rate content.
(Unrated)

Leave a Comment

* required

You must login to leave a comment.