🔥 3-day streak
ISACA CISM — Certified Information Security Manager38 / 121
Question 38 of 121

A newly appointed information security manager reviews the organization's incident management capability and finds that the response team performs well during active incidents but consistently struggles because tools, access credentials, and contact lists are gathered on the fly. Which phase of the incident management lifecycle should the manager strengthen FIRST to address the root cause of these repeated struggles?

Reviewed for accuracy · Report an issueNext question