Certified in Risk and Information Systems Control (CRISC) — Question 195
Which of the following is the BEST key performance indicator (KPI) to measure the maturity of an organization's security incident handling process?
Answer options
- A. The number of resolved security incidents
- B. The number of security incidents escalated to senior management
- C. The number of newly identified security incidents
- D. The number of recurring security incidents
Correct answer: D
Explanation
The number of recurring security incidents is the best KPI because it indicates the organization's ability to effectively resolve vulnerabilities and prevent future occurrences. In contrast, the number of resolved incidents (A) may not reflect the thoroughness of the handling process, while the counts of escalated incidents (B) and newly identified incidents (C) do not directly measure the effectiveness of incident management over time.