CISM Certified Information Security Manager – Question1468

Who is MOST important to include when establishing the response process for a significant security breach that would impact the IT infrastructure and cause customer data loss?

A.
An independent auditor for identification of control deficiencies
B. A damage assessment expert for calculating losses
C. A forensics expert for evidence management
D. A penetration tester to validate the attack

Correct Answer: C