CISA Certified Information Systems Auditor – Question2936 - CISA Certified Information Systems Auditor

The PRIMARY objective of service-level management (SLM) is to:

A. define, agree, record and manage the required levels of service.
B. ensure that services are managed to deliver the highest achievable level of availability.
C. keep the costs associated with any service at a minimum.
D. monitor and report any legal noncompliance to business management.

Correct Answer: A

Explanation:

Explanation:
The objective of service-level management (SLM) is to negotiate, document and manage (i.e., provide and monitor) the services in the manner in which the customer requires those services. This does not necessarily ensure that services are delivered at the highest achievable level of availability (e.g., redundancy and clustering). Although maximizing availability might be necessary for some critical services, it cannot be applied as a general rule of thumb. SLM cannot ensure that costs for all services will be kept at a low or minimum level, since costs associated with a service will directly reflect the customer’s requirements. Monitoring and reporting legal noncompliance is not a part of SLM.