CISA Certified Information Systems Auditor – Question0122

Which of the following is MOST important for an IS auditor to review when evaluating the effectiveness of an organization’s incident response process?

A.
Past incident response actions
B. Incident response staff experience and qualifications
C. Results from management testing of incident response procedures
D. Incident response roles and responsibilities

Correct Answer: C