Certified Information Systems Auditor (CISA) — Question 1308

Which of the following is the BEST way for management to ensure the effectiveness of the cybersecurity incident response process?

Answer options

• A. Periodic tabletop exercises involving key stakeholders
• B. Periodic update of incident response process documentation
• C. Periodic cybersecurity training for staff involved in incident response
• D. Periodic reporting of cybersecurity incidents to key stakeholders

Correct answer: A

Explanation

The correct answer, A, emphasizes the importance of conducting tabletop exercises that simulate incident scenarios, allowing stakeholders to practice their roles and improve response effectiveness. While options B, C, and D are also crucial for overall preparedness and awareness, they do not provide the same hands-on experience as tabletop exercises, which can highlight gaps in the response process.