Certified Information Security Manager (CISM) — Question 137

Which of the following is the MOST important security consideration when developing an incident response strategy with a cloud provider?

Answer options

• A. Security audit reports
• B. Recovery time objective (RTO)
• C. Technological capabilities
• D. Escalation processes

Correct answer: D

Explanation

The correct answer is D, as having well-defined escalation processes ensures that incidents are addressed promptly and efficiently, minimizing potential damage. While security audit reports, RTO, and technological capabilities are important, they do not directly address how incidents are handled in real-time, which is crucial for effective incident management.