Certified Information Security Manager (CISM) — Question 501

Which of the following BEST determines what information should be shared with different entities during incident response?

Answer options

• A. Escalation procedures
• B. Communication plan
• C. Disaster recovery policy
• D. Business continuity plan (BCP)

Correct answer: B

Explanation

The Communication plan is crucial as it outlines the specific information to be shared with different stakeholders during an incident response. In contrast, Escalation procedures focus on the hierarchy of reporting, the Disaster recovery policy pertains to recovery processes, and the Business continuity plan (BCP) addresses ongoing operations, but none are specifically tailored to information sharing.