Certified Information Security Manager (CISM) — Question 668

Which of the following is the BEST course of action when confidential information is inadvertently disseminated outside the organization?

Answer options

• A. Change the encryption keys
• B. Declare an incident
• C. Review compliance requirements
• D. Communicate the exposure

Correct answer: B

Explanation

Declaring an incident is essential because it initiates an organized response to manage the breach and mitigate any potential damage. Changing encryption keys, reviewing compliance requirements, and communicating the exposure are important steps, but they should follow the formal declaration of the incident to ensure a coordinated effort in handling the situation.