Certified Information Security Manager (CISM) — Question 371

Measuring which of the following is the MOST accurate way to determine the alignment of an information security strategy with organizational goals?

Answer options

• A. Number of blocked intrusion attempts
• B. Number of business cases reviewed by senior management
• C. Trends in the number of identified threats to the business
• D. Percentage of controls integrated into business processes

Correct answer: D

Explanation

The correct answer is D because the integration of controls into business processes directly reflects how security measures support organizational objectives. The other options, while relevant, do not provide a clear measure of alignment between security strategies and business goals.