CISA Certified Information Systems Auditor – Question1177

When information security management is receiving an increased number of false positive incident reports, which of the following is MOST important to review?

A.
The security awareness programs
B. Post-incident analysis results
C. The risk management processes
D. Firewall logs

Correct Answer: C