Free ISACA CISM Actual Exam Questions - Question 2 Discussion

Question No. 2
The MOST important reason for having an information security manager serve on the change management committee is to:
Sohail J.
2026-02-15

Risk assessment is the core security role here, so D fits best.

0
Sohail J.
2026-02-09

A/C? Making sure the info security policy stays updated with changes (A) and proper documentation (C) seem crucial too, since changes can impact security rules and records. Risk advice is vital, but these keep the policy aligned and traceable.

0
Sami W.
2026-01-17

D imo, because the info security manager’s main job is to highlight any security risks from proposed changes. The other tasks like testing or documentation are usually handled by other team members.

0
Sami W.
2026-01-16

It’s D. The info security manager’s key role is to advise on risks tied to changes, making sure security isn’t compromised when things get updated. The other options are important too but more admin or process-focused. Risk advice is where their expertise really matters on that committee.

0