Exam CISM topic 1 question 429 discussion

Actual exam question from Isaca's CISM
Question #: 429
Topic #: 1

Which of the following should be an information security manager's FIRST course of action when developing an incident management and response plan?

  • A. Reassess management's risk appetite
  • B. Conduct a gap analysis
  • C. Update the current risk register
  • D. Revise the business continuity plan (BCP)
Suggested Answer: B

Comments

xcjxcj
9 months, 2 weeks ago
Selected Answer: A
Risk appetite defines the desired state. The question is about FIRST, so A is the best answer. If the question is about most IMPORTANT, then B is the answer.
upvoted 1 times
...
Salilgen
9 months, 3 weeks ago
Selected Answer: B
From AIO 2nd ed., p. 414: "Prior to the development of a security incident response plan, the security manager must determine the current state of the organization’s incident response capabilities, as well as the desired end state (for example, a completed security incident response plan with specific capabilities and characteristics). A gap analysis is the best way for the security manager to understand what capabilities and resources are lacking."
upvoted 2 times
...
Manix
11 months ago
Selected Answer: A
Risk appetite should be checked to define objectives, and then a gap analysis performed to identify missing elements.
upvoted 2 times
...
oluchecpoint
1 year, 3 months ago
B. Conduct a gap analysis

Conducting a gap analysis involves assessing the current state of your organization's security posture and identifying the gaps or weaknesses in your incident management and response capabilities. This analysis helps you understand where you are currently and where you need to be in terms of incident readiness. Once you have a clear understanding of these gaps, you can then proceed to address them by updating the risk register, revising the business continuity plan (BCP), and reassessing management's risk appetite as needed. However, identifying and addressing these gaps is a crucial starting point to ensure that your incident management and response plan is comprehensive and effective.
upvoted 2 times
...
Agamennore
1 year, 3 months ago
Selected Answer: B
The gap analysis helps identify the existing capabilities and the desired state of incident management and response within the organization
upvoted 1 times
...
AaronS1990
1 year, 4 months ago
Surely he'd reassess the appetite and then do the gap analysis...
upvoted 1 times
...
richck102
1 year, 5 months ago
B. Conduct a gap analysis
upvoted 1 times
...
Saisharan
1 year, 6 months ago
I think Option B
upvoted 1 times
...
mad68
1 year, 7 months ago
Selected Answer: B
From the ISACA CISM examination perspective, the information security manager's FIRST course of action when developing an incident management and response plan would typically be to conduct a gap analysis (Option B). The gap analysis helps identify the existing capabilities and the desired state of incident management and response within the organization. It allows the manager to assess the gaps and deficiencies in processes, resources, and controls, which then inform the development of the incident management and response plan.
upvoted 4 times
...