CISM Certified Information Security Manager – Question0937

Which of the following metrics would be the MOST useful in measuring how well information security is monitoring violation logs?

A.
Penetration attempts investigated
B. Violation log reports produced
C. Violation log entries
D. Frequency of corrective actions taken

Correct Answer: A

Explanation:

Explanation: The most useful metric is one that measures the degree to which complete follow-through has taken place. The quantity of reports, entries on reports and the frequency of corrective actions are not indicative of whether or not investigative action was taken.