🔥 3-day streak
ISACA CISM — Certified Information Security Manager1 / 121
Question 1 of 121

A manufacturing enterprise is acquiring a smaller competitor. The acquiring company follows ISO/IEC 27001, while the target has an informal, undocumented security program built around a different framework. The board has asked the information security manager how to approach integrating the two security programs to deliver value while managing risk. What should the information security manager do FIRST?

Reviewed for accuracy · Report an issueNext question