Certified Information Security Manager (CISM) — Question 838

Which of the following is MOST critical to ensure that information security incidents are managed properly?

Answer options

• A. Conducting an incident capability maturity assessment
• B. Testing the incident response plan
• C. Establishing an incident management performance matrix
• D. Assembling the incident response team

Correct answer: B

Explanation

Testing the incident response plan (option B) is crucial as it ensures the team is prepared and able to respond effectively to incidents. While conducting assessments (option A), establishing metrics (option C), and assembling teams (option D) are important, they do not directly validate the readiness of the response plan, which is essential for effective incident management.