Certified Information Security Manager (CISM) — Question 483

The PRIMARY objective of performing a post-incident review is to:

Answer options

• A. identify control improvements
• B. identify vulnerabilities
• C. re-evaluate the impact of incidents
• D. identify the root cause

Correct answer: A

Explanation

The primary goal of a post-incident review is to identify control improvements, which helps organizations strengthen their defenses against future incidents. Options B and D, while important, focus on vulnerabilities and root causes rather than on improving existing controls. Option C, though relevant, emphasizes re-evaluation rather than the main objective of enhancing control measures.