Gain insights into the ISACA CISM certification exam. Discover why Enterprise Architecture plays a crucial role in determining priorities for a long-term information security roadmap.
Question
Which of the following is MOST helpful for determining priorities when creating a long-term information security roadmap?
A. The organization’s information security framework
B. Information security steering committee input
C. Enterprise architecture (EA)
D. Industry best practices
Answer
C. Enterprise architecture (EA)
Explanation
Enterprise Architecture (EA) is a well-defined practice for conducting enterprise analysis, design, planning, and implementation for the successful development and execution of strategy. EA provides a blueprint for an effective IT strategy and guides the controlled evolution of IT so that it delivers business benefit cost-effectively. It outlines how an enterprise should be organized and managed to achieve its objectives. EA is unique to every organization; however, there are some common elements. Since Stephen Spewak’s Enterprise Architecture Planning (EAP) in 1993, and perhaps before then, it has been normal to divide enterprise architecture into four architecture domains.
While the organization’s information security framework, information security steering committee input, and industry best practices are all important components of a long-term information security roadmap, Enterprise Architecture is the most helpful for determining priorities. This is because it provides a holistic view of the organization’s strategy, processes, information, and IT assets, and aligns them with the organization’s business goals.