CISM Certified Information Security Manager – Question1029

Which of the following is MOST important when selecting an information security metric?

A.
Aligning the metric to the IT strategy
B. Defining the metric in quantitative terms
C. Ensuring the metric is repeatable
D. Defining the metric in qualitative terms

Correct Answer: B