Certified Information Security Manager (CISM) — Question 693

Which of the following is the MOST important consideration when developing incident classification methods?

Answer options

• A. Data classification
• B. Data owner input
• C. Service level agreements (SLAs)
• D. Business impact

Correct answer: D

Explanation

The correct answer is D, Business impact, because understanding the potential effects of an incident on the organization is crucial for effective prioritization and response. The other options, while relevant, do not directly address the overall consequences an incident may have on business operations.