The chief information security officer (CISO) should ideally have a direct reporting relationship to
the:

Which of the following is the MOST essential task for a chief information security officer (CISO) to
perform?

Developing a successful business case for the acquisition of information security software
products can BEST be assisted by:

When an information security manager is developing a strategic plan for information security, the
timeline for the plan should be:

Which of the following is the MOST important information to include in a strategic plan for
information security?

Information security projects should be prioritized on the basis of:

Which of the following is the MOST important information to include in an information security
standard?

Which of the following would BEST prepare an information security manager for regulatory
reviews?

An information security manager at a global organization that is subject to regulation by multiple
governmental jurisdictions with differing requirements should:

Which of the following BEST describes an information security manager’s role in a
multidisciplinary team that will address a new regulatory requirement regarding operational risk?