Certified Information Systems Auditor (CISA) — Question 1343

Which of the following is the BEST indicator of the effectiveness of an organization's incident response program?

Answer options

• A. Number of successful penetration tests
• B. Percentage of protected business applications
• C. Number of security vulnerability patches
• D. Financial impact per security event

Correct answer: D

Explanation

The financial impact per security event (D) accurately reflects how well an organization is managing incidents and minimizing losses, making it the best indicator of incident response effectiveness. In contrast, the number of successful penetration tests (A), percentage of protected business applications (B), and number of vulnerability patches (C) do not directly measure the response to incidents or their consequences.