Certified Information Security Manager (CISM) — Question 951

Which of the following should be updated FIRST when aligning the incident response plan with the corporate strategy?

Answer options

• A. Security procedures
• B. Disaster recovery plan (DRP)
• C. Incident notification plan
• D. Risk response scenarios

Correct answer: D

Explanation

The Risk response scenarios should be updated first because they directly reflect the organization's approach to managing risks in line with its strategic objectives. Updating these scenarios ensures that the incident response plan is relevant and effective in the context of the corporate strategy. The other options, while important, are secondary to aligning risk responses with the overall strategy.