Certified Information Security Manager (CISM) — Question 458

When developing an escalation process for an incident response plan, the information security manager should PRIMARILY consider the:

Answer options

• A. affected stakeholders.
• B. incident response team.
• C. availability of technical resources.
• D. media coverage

Correct answer: A

Explanation

The correct answer is A, as affected stakeholders are key to ensuring that the escalation process addresses the needs and concerns of those impacted by the incident. While the incident response team, technical resources, and media coverage are important considerations, they are secondary to the primary focus on stakeholder communication and involvement.