ABSTRACT

The objective of this job practice area is to focus on the need for a stable security governance program to be in place so all security strategies and processes can be planned, designed, implemented, and maintained. Only with a stable information security governance in place can an organization begin to address the threats to their survivability and profitability. This functional area comprises 21 percent of the CISM

examination and consists of approximately 42 questions.