Question 3003 - CISA Certified Information Systems Auditor

Which of the following would be an indicator of the effectiveness of a computer security incident response team?

A. Financial impact per security incident
B. Number of security vulnerabilities that were patched
C. Percentage of business applications that are being protected
D. Number of successful penetration tests

Correct Answer: A

Explanation:

Explanation:
The most important indicator is the financial impact per security incident. Choices B, C and D could be measures of effectiveness of security, but would not be a measure of the effectiveness of a response team.

CISA Certified Information Systems Auditor

Tag: Question 3003

CISA Certified Information Systems Auditor – Question3003