Exam CISM Topic 3 Question 25 Discussion
Actual exam question for ISACA's CISM exam
Question #: 25
Topic #: 3
Question #: 25
Topic #: 3
When a departmental system continues to be out of compliance with an information security policy's password strength requirements, the BEST action to undertake is to:
Suggested Answer: B Vote an answer
Explanation
An impact analysis is warranted to determine whether a risk acceptance should be granted and to demonstrate to the department the danger of deviating from the established policy. Isolating the system would not support the needs of the business. Any waiver should be granted only after performing an impact analysis.
An impact analysis is warranted to determine whether a risk acceptance should be granted and to demonstrate to the department the danger of deviating from the established policy. Isolating the system would not support the needs of the business. Any waiver should be granted only after performing an impact analysis.
by Ted at Feb 11, 2024, 09:34 AM
Contact Us
If you have any question please leave me your email address, we will reply and send email to you in 12 hours.
Our Working Time: ( GMT 0:00-15:00 ) From Monday to Saturday
Support: Contact now
Comments
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Report Comment
Commenting
You can sign-up / login (it's free).