🔥 3-day streak
ISACA CISM — Certified Information Security Manager68 / 121
Question 68 of 121

Two weeks after containing and recovering from a ransomware incident, the information security manager convenes a post-incident review with IT, legal, and business unit stakeholders. During the meeting, several participants begin assigning blame to the help desk analyst who initially failed to escalate the malware alert. What should the information security manager emphasize as the PRIMARY purpose of this review?

Reviewed for accuracy · Report an issueNext question