Certified Information Security Manager (CISM) — Question 1161

Which of the following is MOST likely to affect an organization's ability to respond to security incidents in a timely manner?

Answer options

• A. Lack of senior management buy-in
• B. Inadequate detective control performance
• C. Misconfiguration of security information and event management (SIEM) tool
• D. Complexity of network segmentation

Correct answer: A

Explanation

The lack of senior management buy-in is crucial because it often leads to insufficient resources and prioritization for security initiatives. While inadequate detective controls and misconfigured SIEM tools can impact incident response, they are typically symptoms of broader organizational issues, which are exacerbated without management support. Network segmentation complexity can create challenges, but it is less likely to be the primary cause of delayed incident response compared to management buy-in.