CISM Certified Information Security Manager – Question0060 - CISM Certified Information Security Manager

When designing an information security quarterly report to management, the MOST important element to be considered should be the:

A. information security metrics.
B. knowledge required to analyze each issue.
C. linkage to business area objectives.
D. baseline against which metrics are evaluated.

Correct Answer: C

Explanation:

Explanation:
The link to business objectives is the most important clement that would be considered by management. Information security metrics should be put in the context of impact to management objectives. Although important, the security knowledge required would not be the first element to be considered. Baselining against the information security metrics will be considered later in the process.