Certified Information Security Manager (CISM) — Question 775

When developing a categorization method for security incidents, the categories MUST:

Answer options

• A. be created by the incident hander.
• B. align with reporting requirements.
• C. have agreed-upon definitions.
• D. align with industry standards.

Correct answer: C

Explanation

The correct answer is C because having agreed-upon definitions ensures that everyone understands the categories in the same way, which is crucial for consistent reporting and analysis. While aligning with reporting requirements (B) and industry standards (D) is important, they do not guarantee clarity in categorization without clear definitions. Option A is incorrect as the creation of categories should involve broader input, not just the incident handler.