CISM Certified Information Security Manager – Question1005

An organization’s information security strategy for the coming year emphasizes reducing the risk of ransomware. Which of the following would be MOST helpful to support this strategy?

A.
Provide relevant training to all staff.
B. Create a penetration testing plan.
C. Perform a controls gap analysis.
D. Strengthen security controls for the IT environment.

Correct Answer: A