Certified Information Security Manager (CISM) — Question 835

An information security manager is MOST likely to obtain approval for a new security project when the business case provides evidence of:

Answer options

• A. threats to the organization.
• B. organizational alignment.
• C. existing control costs.
• D. IT strategy alignment.

Correct answer: B

Explanation

The correct answer is B, as demonstrating organizational alignment shows that the project supports the overall goals and objectives of the business, which is crucial for gaining approval. While threats (A), existing control costs (C), and IT strategy alignment (D) are important, they do not directly indicate how the project aligns with and supports the organization's priorities.