Certified in Risk and Information Systems Control (CRISC) — Question 731

Which of the following BEST indicates effective information security incident management?

Answer options

• A. Frequency of information security incident response plan testing
• B. Percentage of high risk security incidents
• C. Monthly trend of information security-related incidents
• D. Average time to identify critical information security incidents

Correct answer: D

Explanation

The correct answer, D, reflects how quickly an organization can identify critical incidents, which is crucial for minimizing damage. While A, B, and C provide useful metrics, they do not directly measure the effectiveness of incident management in terms of response speed.