CISM Certified Information Security Manager – Question0527

Which of the following BEST enables an information security manager to determine the comprehensiveness of an organization’s information security strategy?

A.
Business impact analysis
B. Organizational risk appetite
C. Independent security audit
D. Security risk assessment

Correct Answer: A