CISM Certified Information Security Manager – Question0520

An organization with a maturing incident response program conducts post-incident reviews for all major information security incidents. The PRIMARY goal of these reviews should be to:

A. document and report the root cause of the incidents for senior management.
B. identify security program gaps or systemic weaknesses that need correction.
C. prepare properly vetted notifications regarding the incidents to external parties.
D. identify who should be held accountable for the security incidents.

Correct Answer: A