One-Best-Answer Elimination

Key Takeaways

  • CISM is single-best-answer: two or more options are often defensible, so elimination is the core skill.
  • Eliminate by tier — discard absolutes, punitive, and pure-technical options before comparing the remaining two.
  • Re-read the stem's qualifier (FIRST, BEST, PRIMARY) to break the final tie between two strong options.
  • There is no penalty for guessing, so never leave an item blank after eliminating distractors.
Last updated: June 2026

Every CISM item has exactly one credited answer among four options, but ISACA writes distractors that are plausible, not absurd. You will routinely face two options that both sound correct. Elimination — not recognition — is what separates a 450 from a 430. The goal is to remove the clearly weaker options fast, then resolve the final pair against the stem's qualifier.

A four-pass elimination routine

Pass | What you remove | Why
1 | Options with absolutes ("always," "never," "all," "only") | Security management is risk-based; absolutes are rarely the best answer.
2 | Punitive or blame options ("discipline the user") | CISM treats people issues as awareness or process gaps, not grounds for punishment.
3 | Pure technical fixes when the stem asks for the manager's action | These are the tier-4 distractors covered under management-focused choices.
4 | Of the final two, the one that does not match the qualifier | FIRST vs. BEST vs. MOST EFFECTIVE changes the credited answer.

Most items collapse to two survivors after passes 1-3. Pass 4 is where the qualifier earns its weight.

Worked elimination

Stem: "Which is the MOST effective way to ensure security policy is followed enterprise-wide?"

  • A. Punish employees who violate policy. (Pass 2 — punitive, gone.)
  • B. Install monitoring software on all endpoints. (Pass 3 — technical, and monitoring detects, it does not ensure adherence.)
  • C. Require all staff to sign the policy once at hire. (Plausible, but a one-time signature does not sustain compliance.)
  • D. Establish an ongoing awareness and training program tied to accountability. (Survives.)

After passes 2 and 3, the contest is C vs. D. The qualifier is "MOST effective" for ongoing enterprise-wide adherence. A one-time signature (C) is a control event; a sustained awareness program with accountability (D) changes behavior over time. D is credited.

Why elimination beats recognition on CISM

Many candidates study by recognizing the 'right' concept and scanning for it in the options. That fails on CISM because ISACA deliberately seeds two options that both contain right concepts. If you stop at the first option that 'sounds correct,' you walk into the trap. Elimination forces you to actively disqualify options for concrete reasons (an absolute, a punitive tone, a technical altitude mismatch, a qualifier mismatch) rather than passively accept the first plausible one. The discipline of naming why each loser loses is what surfaces the qualifier and breaks ties reliably.

Elimination also protects against the 'most words must mean most correct' bias. Distractors are often written to look thorough and authoritative. Strip that surface impression by judging each survivor purely on whether it answers the exact qualifier and operates at the manager's level. A short, plain option that nails the qualifier beats a long, detailed option that answers a slightly different question.

Resolving the final pair

When two options survive, ask three questions in order:

  1. Which one answers the exact qualifier — FIRST (sequence), BEST/MOST EFFECTIVE (outcome), PRIMARY (purpose)?
  2. Which one operates at the management level rather than the task level?
  3. Which one is sustainable and addresses root cause rather than a single symptom?

The option that wins all three is your answer. If two still tie, prefer the one that aligns to business objectives and assigns ownership.

A useful tiebreaker scenario: a stem asks for the BEST way to reduce the risk of phishing, and two survivors are 'deploy an email filtering gateway' and 'implement a security awareness program with simulated phishing.' Both are real controls, and a real program would run both in layers. But the qualifier is BEST risk reduction for phishing, and phishing targets human behavior; the awareness program addresses the human attack surface the filter cannot fully cover, and it is the management-level, sustainable answer.

If instead the stem said 'reduce delivery of phishing emails,' the filter would win, because the qualifier shifted from human behavior to email delivery. Same options, different credited answer, decided purely by the qualifier.

Mechanics and traps

  • There is no penalty for incorrect answers on the CISM exam, so after eliminating, always commit to a choice: a blank scores zero, while a guess between two survivors has a 50% chance of credit.
  • You can flag items and return to them from the review screen; eliminate now, decide later, but never leave an item unanswered at submission.
  • Trap: changing a well-reasoned elimination answer on a second pass based on a hunch. Change only when you find a concrete misread of the stem.
  • Trap: picking the most detailed survivor. Detail is not correctness; the qualifier is.

Practicing elimination deliberately

During review, do not just record whether you got an item right. For each of the four options write a one-line reason it survives or dies: 'absolute, gone,' 'technical altitude, gone,' 'right concept but wrong qualifier,' or 'credited.' This turns passive review into active training of the elimination reflex. After a few hundred items you will eliminate two distractors almost instantly and spend your thinking time only on the genuine final pair, which is exactly where the pacing budget should go.

Watch your answer-change behavior too. Track how often a changed answer was a correct-to-wrong swap versus a wrong-to-correct swap across your mocks. If your changes are mostly correct-to-wrong, you are second-guessing sound eliminations; discipline yourself to change only when you can name a specific misread of the stem, never on a vague feeling that 'it can't be that easy.'

Test Your Knowledge

  1. Using the four-pass elimination routine, which kind of option is removed in the first pass?

  2. After eliminating distractors you are torn between two options and unsure which is credited. What is the correct exam move?

  3. Two survivors remain: a one-time policy signature at hire versus an ongoing awareness program tied to accountability, for a stem asking the MOST effective way to ensure enterprise-wide adherence. Which is credited and why?