CISM Certified Information Security Manager – Question0822

Without prior approval, a training department enrolled the company in a free cloud-based collaboration site and invited employees to use it. Which of the following is the BEST response of the information security manager?

A.
Conduct a risk assessment and develop an impact analysis.
B. Update the risk register and review the information security strategy.
C. Report the activity to senior management.
D. Allow temporary use of the site and monitor for data leakage.

Correct Answer: C