Certified Information Security Manager (CISM) — Question 754

When investigating an information security incident details of the incident should be shared:

Answer options

• A. widely to demonstrate positive intent
• B. only as needed
• C. only with management
• D. only with internal audit

Correct answer: B

Explanation

The correct answer is B because sharing details only as needed helps contain the information to those who require it, minimizing potential risks. Option A is incorrect as widely sharing details can lead to misunderstandings and exacerbate the situation. Options C and D are too restrictive, as they limit information sharing to specific groups who may not need to know all details.