CISA Certified Information Systems Auditor – Question0099

An IS auditor is reviewing an organization’s incident management processes and procedures. Which of the following observations should be the auditor’s GREATEST concern?

A.
Ineffective incident classification
B. Ineffective incident prioritization
C. Ineffective incident detection
D. Ineffective post-incident review

Correct Answer: C