CISM Certified Information Security Manager – Question1397 - CISM Certified Information Security Manager

The MOST important objective of a post incident review is to:

A. capture lessons learned to improve the process.
B. develop a process for continuous improvement.
C. develop a business case for the security program budget.
D. identify new incident management tools.

Correct Answer: A

Explanation:

Explanation:
The main purpose of a post incident review is to identify areas of improvement in the process. Developing a process for continuous improvement is not true in every case. Developing a business case for the security program budget and identifying new incident management tools may come from the analysis of the incident, but are not the key objectives.