Exam CISM topic 1 question 925 discussion

Actual exam question from Isaca's CISM
Question #: 925
Topic #: 1

Which of the following should an information security manager do FIRST after discovering that a business unit has implemented a newly purchased application and bypassed the change management process?

  • A. Update the change management process.
  • B. Revise the procurement process.
  • C. Discuss the issue with senior leadership.
  • D. Remove the application from production.
Suggested Answer: C

Comments

koala_lay
8 months, 2 weeks ago
Selected Answer: C
As an information security manager, the correct answer would be C. Discuss the issue with senior leadership. After discovering that a business unit has implemented a newly purchased application and bypassed the change management process, it is important to report this to senior leadership. This allows them to understand the situation and make informed decisions regarding the next steps. It is important to involve senior leadership, as they have the authority to address the issue appropriately and ensure that necessary actions are taken to mitigate any potential risks.
upvoted 3 times
...
richck102
9 months, 1 week ago
Selected Answer: C
C. Discuss the issue with senior leadership.
upvoted 1 times
...
wickhaarry
9 months, 2 weeks ago
C. Discuss the issue with senior leadership. Look here, no incident or breach happened, they just bypassed the process. They are business owners and are powerful and may be generating revenue. So inform senior mgmt and let them decide what's the next step.
upvoted 1 times
...
CISSPST
9 months, 4 weeks ago
Flouting of an established change management process can be considered a breach and once identified/verified, it would be an incident. As a next step, the containment process should be initiated. In this case, the containment method would be removing the application from production. The stakeholders and senior management can be informed soon after for decision on further steps. Answer: D
upvoted 1 times
...
Adji91
10 months ago
D. is correct.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other