🔥 3-day streak
ISACA CISM — Certified Information Security Manager3 / 121
Question 3 of 121

An information security manager notices that several individually low-rated risks across different business units all stem from the same unpatched legacy authentication service. Each business unit has independently accepted its portion of the risk as within its local tolerance. What should the security manager do FIRST?

Reviewed for accuracy · Report an issueNext question