CHAPTER 2

Information Security Governance

This domain includes questions from the following topics:

• Business alignment

• Security strategy development

• Security governance

• Information security strategy development

• Resources needed to develop and execute a security strategy

• Information security metrics

The topics in this chapter represent 24 percent of the Certified Information Security Manager (CISM) examination. This chapter discusses CISM job practice 1, “Information Security Governance.”

ISACA defines this domain as follows: “Establish and/or maintain an information security governance framework and supporting processes to ensure that the information security strategy is aligned with organizational goals and objectives.”

When properly ...
