ExamTopics Logo
Mail Us[email protected]
Menu
Isaca Discussions
exam questions

Exam CISM All Questions

View all questions & answers for the CISM exam
Go to Exam

Exam CISM topic 1 question 658 discussion

Actual exam question from Isaca's CISM
Question #: 658
Topic #: 1
[All CISM Questions]

Which of the following should be the PRIMARY consideration when developing an incident response plan?

  • A. Previously reported incidents
  • B. Management support
  • C. Compliance with regulations
  • D. The definition of an incident
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by Jae_kes at June 21, 2023, 6:31 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
CISSPST
11 months, 1 week ago
Selected Answer: D
Which of the following should be the PRIMARY consideration when DEVELOPING an incident response plan? The operative word is developing (and not implementing). For developing, it is critical to make a clear distinction between event, incident, problem and disaster. This is required to establish the roles and responsibilities, severity and escalation procedures. If the question were about implementation, then management support would have been a precursor to execution of the IRP.
upvoted 3 times
...
afc1019
1 year, 1 month ago
Selected Answer: D
The definition of an incident will determine the scope of the incident response plan and the types of incidents that it will cover. It is important to define an incident broadly enough to capture all potential incidents, but narrowly enough to focus on the most important incidents.
upvoted 3 times
...
jennarink13
1 year, 4 months ago
B. Management Support. Regardless if you have a well developed plan, but management isn't committed to supporting incident response initiatives, this will all be pointless.
upvoted 2 times
AlexJacobson
10 months, 1 week ago
"Management support" or "management buy-in" is not always the magical correct answer on CISM. These answers are usually correct when the question is about some high-level things like strategy, program, policy, etc.
upvoted 1 times
Salilgen
8 months, 3 weeks ago
You are right but I report you this: "Executive support is essential in incident response plan development, particularly for escalation and communications. Executives need to be comfortable knowing that low severity incidents are competently handled without their being notified every time, for instance. Also, executives need to know that they will be notified using established protocols when more serious incidents occur." H. Gregory pag. 411
upvoted 2 times
...
...
...
richck102
1 year, 4 months ago
D. The definition of an incident
upvoted 3 times
...
Jae_kes
1 year, 5 months ago
Selected Answer: B
B. Management support
upvoted 1 times
chanke
1 year, 5 months ago
When developing is the keyword. Management at this stage will already have the support of it. Classifying or defining what is a incident at this stage will help the development of the program.
upvoted 1 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel