CISM Certified Information Security Manager – Question1428

Which of the following is the MOST important objective of testing a security incident response plan?

A.
Confirm that systems are recovered in the proper order
B. Verify the response assumptions are valid
C. Ensure the thoroughness of the response plan
D. Validate the business impact analysis

Correct Answer: C