CISM Certified Information Security Manager – Question1105 - CISM Certified Information Security Manager

When security policies are strictly enforced, the initial impact is that:

A. they may have to be modified more frequently.
B. they will be less subject to challenge.
C. the total cost of security is increased.
D. the need for compliance reviews is decreased.

Correct Answer: C

Explanation:

Explanation:
When security policies are strictly enforced, more resources are initially required, thereby increasing, the total cost of security. There would be less need for frequent modification. Challenges would be rare and the need for compliance reviews would not necessarily be less.