CISM Certified Information Security Manager – Question1398

Which of the following is the BEST mechanism to determine the effectiveness of the incident response process?

A.
Incident response metrics
B. Periodic auditing of the incident response process
C. Action recording and review
D. Post incident review

Correct Answer: D

Explanation:

Explanation: Post event reviews are designed to identify gaps and shortcomings in the actual incident response process so that these gaps may be improved over time. The other choices will not provide the same level of feedback in improving the process.