Exam CISM All QuestionsBrowse all questions from this exam
Question 667

Of the following, who is in the BEST position to evaluate business impacts?

    Correct Answer: A

    Senior management is in the best position to evaluate business impacts because they have a holistic view of the organization's overall strategy, direction, and operations. They are responsible for making strategic decisions that affect the entire organization and have access to the necessary resources and information. While process managers and other roles may have detailed knowledge of specific areas, senior management has the comprehensive perspective required to assess the impacts across all business processes and make informed decisions for the organization's well-being.

Discussion
DravidianOption: C

Just because senior management is ultimately responsible and accountable does not mean they are the best to evaluate the impact since it's impossible to be aware of every detail of every process in an organization. A process owner would be the best resource to know everything about their process and hence the best to evaluate the impact to their process.

BroesweeliesOption: A

A. Senior management is in the BEST position to evaluate business impacts, as they are responsible for the overall strategy and direction of the organization, and have the authority and access to resources to make decisions that affect the entire organization.

giovi

Agree with you

AlexJacobson

Then again, senior management is too high to be able to EVALUATE business impact of some low-level process.

secdoc

Senior Management is at the 50k ft view level. Definitely C.

justxOption: A

I choose A, Everybody reports to Senior Management ..including process manager. Senior management is aware or should be aware of everything going on, or affecting the org. So they can evaluate the business impacts. They have the overall picture to do that, process manager only have a partial view of his/ her process.

NillanashOption: C

I agree with Dravidian that the answer is C-Process Manager. Senior management are ultimately responsible for an organization's risk, but don't evaluate business impacts . The process manger does this .

wickhaarryOption: C

C. Process manager

welloOption: A

Evaluating business impacts involves understanding how potential incidents, disruptions, or changes can affect the organization's operations, financials, reputation, and overall business continuity. Senior management has the authority and perspective to assess these impacts holistically and make informed decisions about risk management, resource allocation, and prioritization.

03allenOption: C

I reckon the best answer would be a product/ process owner, who understands the business progress the most.

AlexJacobsonOption: A

I'm actually gonna go ahead an point out that it is said "business impactS" (plural). So senior management is more relevant than a process manager. Yeah, I know it's a bit of a stretch, but it seems to me that's a mini-hint.

Marcovic00Option: C

process manager will have a better visibility but the senior manager will have overall visibility to take a decision at the end

koala_layOption: A

A. Senior management

koala_layOption: A

Senior management is in the best position to evaluate business impacts. Senior management typically has a broader perspective on the overall business operations and goals. They are responsible for making strategic decisions and have a better understanding of the potential risks and impacts on the organization as a whole. Additionally, senior management has the authority to allocate resources and make changes to mitigate any identified risks. While other roles such as the information security manager, process manager, and IT manager may have specialized knowledge and expertise in their respective areas, senior management has the overall authority and responsibility to evaluate the business impacts.

oluchecpointOption: A

Senior management has a strategic perspective, information security managers focus on security-related impacts, process managers specialize in process-related impacts, and IT managers assess IT-related impacts. The choice of who should evaluate business impacts should be based on the specific circumstances and the expertise required to make informed assessments. Often, a collaborative approach involving multiple stakeholders may be necessary to comprehensively evaluate business impacts.

richck102Option: A

A. Senior management

Pabl0T0rrezOption: A

A. Senior management is in the best position to evaluate business impacts because they have a holistic view of the organization and its operations. The information security manager is responsible for protecting the organization's information assets.