CISM Certified Information Security Manager – Question1515

Which of the following should be the FIRST step of incident response procedures?

A.
Classify the event depending on severity and type.
B. Identify if there is a need for additional technical assistance.
C. Perform a risk assessment to determine the business impact.
D. Evaluate the cause of the control failure.

Correct Answer: C