Certified Information Systems Auditor (CISA) — Question 563

Which of the following is the MOST important consideration when investigating a security breach of an e-commerce application?

Answer options

• A. Skill set of the response team
• B. Chain of custody
• C. Notifications to law enforcement
• D. Procedures to analyze evidence

Correct answer: B

Explanation

The chain of custody is crucial because it ensures that evidence collected during the investigation is preserved and can be legally admissible in court. While the skill set of the response team, notifications to law enforcement, and procedures for analyzing evidence are important, they all depend on maintaining a proper chain of custody to validate the integrity of the investigation.