An information security manager has identified a major security event with potential noncompliance implications. Who should be notified FIRST?
When a major security event with potential noncompliance implications is identified, the first notification should be to senior management. Senior management is responsible for the organization's overall governance, risk management, and compliance. They need to be aware of the situation to assess the potential impact on the organization and make informed decisions about the next steps, including whether to notify internal audit, regulatory authorities, or the public relations team.
CISM AIO 2nd - Incident Management Operations > Initiation - This section covers the answer based on the severity of the incident and the incident being declared. Open to any correction
Senior Management looks good to me
This is the phase in which response to the incident begins. Typically, it includes declaration of an incident, followed by notifications sent to response team members so that response operations may begin. Depending upon the severity of the incident, notifications may be sent to business executives
Selected Answer: C The question talks about a "Major" security event. If the "Senior Management" option was missing then "Data owner".
Notifying senior management promptly allows them to be aware of the situation, assess the potential impact on the organization, and make informed decisions regarding the next steps, including whether to involve internal audit, regulatory authorities, or public relations. Senior management is responsible for overseeing the organization's overall governance, risk management, and compliance, and their involvement is crucial in addressing and managing security incidents.
C. Senior management
C, in case of regulations such as GDPR, authorities must be informed so D is important