Certified Information Security Manager (CISM) — Question 715

An information security manager developing an incident response plan MUST ensure it includes:

Answer options

• A. critical infrastructure diagrams.
• B. a business impact analysis (BIA).
• C. criteria for escalation.
• D. an inventory of critical data.

Correct answer: C

Explanation

Having criteria for escalation is essential in an incident response plan as it defines when and how incidents should be elevated within the organization. While critical infrastructure diagrams, a business impact analysis, and an inventory of critical data are important, they do not directly address the immediate response process as escalation criteria do.