Certified Information Security Manager (CISM) — Question 207
Which of the following is the BEST tool to monitor the effectiveness of information security governance?
Answer options
- A. Balanced scorecard
- B. Risk profile
- C. Business impact analysis (BIA)
- D. Key performance indicators (KPIs)
Correct answer: A
Explanation
The Balanced scorecard is the most effective tool as it provides a comprehensive view of organizational performance through various perspectives, including security governance. While Risk profile, Business impact analysis (BIA), and Key performance indicators (KPIs) are useful, they do not offer the same breadth of assessment for governance effectiveness.