Certified Information Security Manager (CISM) — Question 432

Which of the following is MOST important when providing updates during a security incident?

Answer options

• A. Responding immediately to questions from the public
• B. Validating the reliability of information prior to dissemination
• C. Designating a communications representative
• D. Ensuring timely incident information to internal stakeholders

Correct answer: B

Explanation

The correct answer is B because validating the reliability of information ensures that accurate and trustworthy updates are communicated during a security incident. If information is not verified, it can lead to misinformation and panic. The other options, while important, do not prioritize the accuracy of the information being shared.