CGEIT Certified in the Governance of Enterprise IT – Question096

An analysis of an organization's security breach is complete. The results indicate that the quality of the code used for updates to its primary customer-facing software has been declining and security flaws were introduced. The FIRST IT governance action to correct this problem should be to review:

A.
the incident response plan.
B. the change management control framework.
C. compliance with the user testing process.
D. the qualifications of developers to write secure code.

Correct Answer: A