Certified Information Security Manager (CISM) — Question 817

Which of the following is the MOST important outcome of strategic alignment of corporate and information security governance?

Answer options

• A. Implementation of information security controls
• B. Development of a common and comprehensive set of IT security policies
• C. Higher acceptance of information security projects
• D. Reduction of adverse impacts on the organization to an acceptable level

Correct answer: D

Explanation

The correct answer is D because the ultimate goal of aligning corporate and information security governance is to ensure that risks are managed effectively, thus reducing any negative impact on the organization. While options A, B, and C are beneficial outcomes, they do not directly address the overarching aim of protecting the organization from security threats.