Isaca Certified Information Security Manager CISM Question # 278 Topic 28 Discussion

CISM Exam Topic 28 Question 278 Discussion:

Question #: 278

Topic #: 28

Which of the following should an information security manager do FIRST when noncompliance with security standards is identified?

Report the noncompliance to senior management.

Validate the noncompliance.

Include the noncompliance in the risk register.

Implement compensating controls to mitigate the noncompliance.

Get Premium CISM Questions

Actual exam question for Isaca CISM exam by Axel6642 at Aug 3, 2025, 5:36:54 AM

Chosen Answer: A B C D
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.