CISM - Information Security Program - Section 3.1
Plan and manage information security programme resources including people, tools and technologies.
Plan and manage the people, tooling, and technologies required to operate an information security programme through structured resource management and capacity planning. Recognise when staffing gaps or tool deficiencies create programme risks and determine the appropriate response, such as hiring, outsourcing, or technology investment.
Resource managementSecurity staffingToolingCapacity planning
More in this domain
Back to all Information Security Program objectives, or the CISM cert hub.
Examworthy is not affiliated with or endorsed by ISACA. Original, blueprint-aligned practice material only.