Due to changes in an organization’s environment, security controls may no longer be adequate. What is the information security manager’s BEST course of action? A. Perform a new risk assessment. B. Review the previous risk assessment and countermeasures. C. Transfer the new risk to a third party. D. Evaluate countermeasures to mitigate new risks. Suggested Answer: A This question is in CISM exam For getting Certified Information Security Manager Certificate Disclaimers: The website is not related to, affiliated with, endorsed or authorized by ISACA. The website does not contain actual questions and answers from ISACA's Certification Exams. Trademarks, certification & product names are used for reference only and belong to ISACA.
Please login or Register to submit your answer