Certified Information Security Manager (CISM) — Question 1035

Which of the following is MOST important for an information security manager to consider when determining whether data should be stored?

Answer options

• A. Type and nature of data
• B. Business requirements
• C. Data storage limitations
• D. Data protection regulations

Correct answer: B

Explanation

The correct answer is B, as business requirements drive the need for data storage, ensuring that the data aligns with organizational goals. While the type of data, storage limitations, and protection regulations are important, they should be evaluated in the context of the overarching business needs.