Certified Information Security Manager (CISM) — Question 540

An information security manager notes that security incidents are not being appropriately escalated by the help desk after tickets are logged. Which of the following is the BEST automated control to resolve this issue?

Answer options

• A. Integrating automated service level agreement (SLA) reporting into the help desk ticketing system
• B. Changing the default setting for all security incidents to the highest priority
• C. Integrating incident response workflow into the help desk ticketing system
• D. Implementing automated vulnerability scanning in the help desk workflow

Correct answer: C

Explanation

Integrating incident response workflow into the help desk ticketing system allows for a structured approach to managing and escalating security incidents, ensuring timely responses. The other options, while beneficial, do not directly address the escalation process as effectively. For example, changing priority may not guarantee that incidents are escalated properly, and automated vulnerability scanning focuses on identifying vulnerabilities rather than managing incidents.