Certified Information Security Manager (CISM) — Question 781

Which of the following should be the PRIMARY objective of the information security incident response process?

Answer options

• A. Classifying incidents
• B. Conducting incident triage
• C. Communicating with internal and external parties
• D. Minimizing negative impact to critical operations

Correct answer: D

Explanation

The primary goal of the information security incident response process is to minimize negative impacts to critical operations, ensuring that the organization can maintain its essential functions during and after an incident. While classifying incidents, conducting triage, and communicating are important aspects of incident response, they serve to support the overarching objective of reducing operational disruption.