Certified Information Security Manager (CISM) — Question 847

An investigation of a recent security incident determined that the root cause was negligent handling of incident alerts by system administrators. What is the BEST way for the information security manager to address this issue?

Answer options

• A. Provide incident response training to data owners.
• B. Provide incident response training to data custodians.
• C. Conduct a risk assessment and share the results with senior management.
• D. Revise the incident response plan to align with business processes.

Correct answer: B

Explanation

Providing incident response training to data custodians is crucial as they are directly responsible for handling data and alerts. This training will equip them with the necessary skills to effectively manage and respond to incidents. The other options, while potentially beneficial, do not directly address the immediate need for improved handling of incident alerts by those in charge.