CISA Certified Information Systems Auditor – Question0423

Following a breach, what is the BEST source to determine the maximum amount of time before customers must be notified that their personal information may have been compromised?

A.
Industry standards
B. Information security policy
C. Incident response plan
D. Industry regulations

Correct Answer: D