Certified Information Security Manager (CISM) — Question 271
What is the BEST approach for the information security manager to reduce the impact on a security program due to turnover within the security staff?
Answer options
- A. Recruit certified staff
- B. Revise the information security program
- C. Document security procedures
- D. Ensure everyone is trained in their roles
Correct answer: C
Explanation
Documenting security procedures ensures that knowledge is retained within the organization, allowing for seamless transitions when staff leave. While recruiting certified staff, revising the program, and training all employees are important, none of them directly addresses the immediate knowledge gap caused by turnover the way thorough documentation does.