CISM Certified Information Security Manager – Question1470

With limited resources in the information security department, which of the following is the BEST approach for managing security risk?

A.
Implement technical solutions to automate security management activities.
B. Prioritize security activities and report to management.
C. Hire additional information security staff.
D. Engage a third-party company to provide security support.

Correct Answer: B