Certified Information Security Manager (CISM) — Question 796

The PRIMARY objective of a post-incident review of an information security incident is to:

Answer options

• A. minimize impact.
• B. determine the impact.
• C. prevent recurrence.
• D. update the risk profile.

Correct answer: C

Explanation

The primary aim of a post-incident review is to prevent recurrence by identifying what went wrong and implementing measures to avoid similar incidents in the future. While minimizing impact, determining impact, and updating the risk profile are important, they are secondary to the goal of preventing future incidents.