CISM Certified Information Security Manager – Question0471 - CISM Certified Information Security Manager

The MAIN goal of an information security strategic plan is to:

A. develop a risk assessment plan.
B. develop a data protection plan.
C. protect information assets and resources.
D. establish security governance.

Correct Answer: C

Explanation:

Explanation:
The main goal of an information security strategic plan is to protect information assets and resources. Developing a risk assessment plan and H data protection plan, and establishing security governance refer to tools utilized in the security strategic plan that achieve the protection of information assets and resources.