CISM Certified Information Security Manager – Question0464

To BEST improve the alignment of the information security objectives in an organization, the chief information security officer (CISO) should:

A. revise the information security program.
B. evaluate a balanced business scorecard.
C. conduct regular user awareness sessions.
D. perform penetration tests.

Correct Answer: B

Explanation:

The balanced business scorecard can track how effectively an organization executes its information security strategy and determine areas of improvement. Revising the information security program may be a solution, but it is not the best solution to improve alignment of the information security objectives. User awareness is just one of the areas the organization must track through the balanced business scorecard. Performing penetration tests does not affect alignment with information security objectives.