🔥 3-day streak
ISACA CISM — Certified Information Security Manager100 / 121
Question 100 of 121

An information security manager collects the raw count of security incidents from each of five business units and presents them to the steering committee. A committee member objects that the largest business unit always appears the 'worst' simply because it has more employees and systems, making it impossible to fairly compare unit performance. What should the security manager do to make the incident metric more meaningful for comparison?

Reviewed for accuracy · Report an issueNext question