🔥 3-day streak
ISACA CISM — Certified Information Security Manager20 / 121
Question 20 of 121
A newly appointed information security manager discovers that business units routinely adopt unsanctioned cloud applications ('shadow IT') because the formal approval process is perceived as slow and bureaucratic. Executives value the units' agility and are reluctant to impose heavy controls. Which action would BEST address the root cause while supporting enterprise governance objectives?
Reviewed for accuracy · Report an issueNext question