Certified Information Security Manager (CISM) — Question 1087

A PRIMARY benefit of adopting an information security framework is that it provides:

Answer options

• A. standardized security controls.
• B. common exploitability indices.
• C. credible emerging threat intelligence.
• D. security and vulnerability reporting guidelines.

Correct answer: A

Explanation

The correct answer, A, is accurate because an information security framework establishes a uniform set of security controls that organizations can adopt. The other options do not directly relate to the primary benefits of frameworks; for instance, B refers to exploitability indices, which are not standardized by frameworks, while C and D focus on intelligence and reporting rather than controls.