Certified Information Systems Auditor (CISA) — Question 1291

Which of the following would MOST effectively help to reduce the number of repeated incidents in an organization?

Answer options

• A. Linking incidents to problem management activities
• B. Training incident management teams on current incident trends
• C. Prioritizing incidents after impact assessment
• D. Testing incident response plans with a wide range of scenarios

Correct answer: A

Explanation

Linking incidents to problem management activities is crucial because it allows for the identification and resolution of underlying issues, thus preventing recurrence. Training teams and prioritizing incidents are important, but they do not directly address the root causes of repeated incidents. Testing response plans is essential for preparedness but does not impact the frequency of incidents themselves.