Certified Information Security Manager (CISM) — Question 760
An information security manager learns through a threat intelligence service that the organization may be targeted for a major emerging threat. Which of the following is the information security manager's FIRST course of action?
Answer options
- A. Conduct an information security audit
- B. Perform a gap analysis
- C. Validate the relevance of the information
- D. Inform senior management
Correct answer: C
Explanation
The correct answer is C because before taking any further action, the information security manager must confirm that the threat information is relevant and applicable to their organization. Conducting an audit or a gap analysis (options A and B) is premature without validating the threat first, and simply informing senior management (option D) should come after confirming the threat's relevance.