Which of the following is an important criterion for developing effective key risk indicators (KRIs) to monitor information security risk? A. The indicator should provide a retrospective view of risk impacts and be measured annually B. The indicator should focus on IT and accurately represent risk variances C. The indicator should align with key performance indicators (KPIs) and measure root causes of process performance issues D. The indicator should possess a high correlation with a specific risk and be measured on a regular basis  Suggested Answer: D This question is in CISM exam For getting Certified Information Security Manager Certificate Disclaimers: The website is not related to, affiliated with, endorsed or authorized by ISACA. The website does not contain actual questions and answers from ISACA's Certification Exams. Trademarks, certification & product names are used for reference only and belong to ISACA.
Please login or Register to submit your answer