I am preparing for my CISM exam using the CISM Review Manual (15th Edition).
I need clarification and found repeated sentences on the below topics in the Manual.
1. Page number 188.
Topic :- 3.12.1 Control Categories
In the control categories, there is a "Knowledge Check: Control Categories". In this I found that "Data Backup" is considered a "Corrective" control. (Answer page number 206)
My personal view is that Data Backup should be a "Preventive" control and Data Restore considered a "Corrective" control.
Any thoughts?
2. Page number 181
Topic :- Third-Party Access,
In the first line, it states that
"Third-party access to the information security manager's (space) organization's processing facilities under any circumstances should be controlled........"
I really didn't get what message the author is trying to convey in the above lines.
If anyone understands this, kindly clarify.
3. Page number 167
Topic :- Figure 3.7 - PDCA Methodology
In the "PLAN" column :- Repeated sentences
"These activities include creating a strategy; socialization concepts; and policies, goals, objectives and practices as necessary to manage risk"