Certified Information Security Manager (CISM) — Question 1095

A Software as a Service (SaaS) application has been implemented to support a critical business process. Which of the following is MOST important to include within the service level agreement (SLA) to ensure timely response to incidents affecting the application?

Answer options

• A. Vendor declarations and warranties
• B. Enhanced monitoring of in-scope systems
• C. Defined incident response roles and responsibilities
• D. Established incident response procedures

Correct answer: C

Explanation

Including defined incident response roles and responsibilities in the SLA is crucial because it clarifies who is accountable for managing incidents, thereby ensuring a timely response. While enhanced monitoring and established procedures are important, they do not directly assign accountability, which is key for effective incident management.