CISM Certified Information Security Manager – Question1447

Which of the following is the MOST important criterion for complete closure of a security incident?

A.
Level of potential impact
B. Root-cause analysis and lessons learned
C. Identification of affected resources
D. Documenting and reporting to senior management

Correct Answer: B