Which of the following would be of GREATEST concern to an IS auditor reviewing an organization's security incident handling procedures?
Which of the following would be of GREATEST concern to an IS auditor reviewing an organization's security incident handling procedures?
Guidelines for prioritizing incidents are crucial for ensuring that security incidents are appropriately addressed based on their severity and potential impact on the organization. Without clear guidelines for prioritization, there is a risk that incidents may not be handled in a timely manner, which can lead to prolonged exposure to threats or increased damage from security breaches. Therefore, the absence of incident prioritization guidelines would be of greatest concern to an IS auditor.
B. Roles for computer emergency response team (CERT) members have not been formally documented.
Guidelines for prioritizing incidents are essential for ensuring that security incidents are appropriately triaged and responded to in a timely manner based on their severity and potential impact on the organization. Without clear guidelines for prioritization, there is a risk that incidents may not be addressed promptly, potentially leading to prolonged exposure to threats or increased damage from security breaches.
Formalizing and documenting roles and responsibilities