Effective CISSP Questions

You are preparing the annual plan for the coming year. Which of the following is not a smart goal-setting principle? (Wentz QOTD)
A. Developing a comprehensive target
B. Assigning a specific deadline
C. Allocating resources
D. Defining measurable indicators

Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.

My suggested answer is A. Developing a comprehensive target.

Wentz’s book, The Effective CISSP: Security and Risk Management, helps CISSP and CISM aspirants build a solid conceptual security model. It is a tutorial for information security, a supplement to the official study guides for the CISSP and CISM exams, and an informative reference for security professionals.

What Is Management?
Goals and Objectives

The goal-setting process may consider comprehensive factors, but the target should be specific and measured by key indicators. Setting a goal without provisioning resources is not realistic and amounts to lip service.

Management is a systematic approach to achieving the goal.

  • A goal is the statement of the desired outcome.
  • A well-developed goal meets the SMART criteria.
  • The PDCA cycle is one of the most common approaches to achieving the goal.
  • Success is the result of achieving the goal.


  • A specific goal can be described with a statement of success supported by critical success factors (CSFs).
  • A measurable goal can be divided into a set of objectives defined by metrics and key performance indicators (KPIs).
  • An achievable goal should have reasonable targets for its metrics or KPIs.
  • A realistic goal takes resources and constraints into consideration.
  • A timely goal has a deadline.


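You are preparing the annual plan for next year. Which of the following is not a smart goal-setting principle? (Wentz QOTD)
A. Developing a comprehensive target
B. Specifying a concrete deadline
C. Allocating resources
D. Defining measurable indicators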
