Certified Information Security Manager (CISM) — Question 930

Which of the following is the PRIMARY benefit of an information security awareness training program?

Answer options

• A. Evaluating organizational security culture
• B. Enforcing security policy
• C. Influencing human behavior
• D. Defining risk accountability

Correct answer: C

Explanation

The correct answer is C, as the primary goal of an information security awareness training program is to influence human behavior towards better security practices. While options A, B, and D are important aspects of security, they are not the main focus of awareness training, which is to change how individuals behave regarding security matters.