Exam CISM topic 1 question 918 discussion

B - Properly classifying incidents allows organizations to prioritize their response efforts, ensuring efficient allocation of resources and timely communication with the right stakeholders. D is also important but u need to classify the incident first before proceed to communication.

Incident classification

Incident classification precedes a communication plan. You cannot establish an effective communication plan without first classifying the incidents since their classification helps shape the communication plan. High priority incidents will have to communicated differently from low priority incidents.

As said by others - good comms can lead to bad outcomes if the classification is wrong.

Classify for appropriate response

Key word is "effectively". You need to clasify to respond effectively .

D. Communication plan

Has to be incident classification without which you would not know who to communicate what to

A communication plan outlines how an organization will communicate with various stakeholders, including internal teams, external parties (such as customers, partners, and regulators), and the public, in the event of a security breach. This plan ensures that everyone is on the same page, knows their roles and responsibilities, and can respond promptly and appropriately to the breach. Effective communication can help minimize the damage caused by a breach, maintain trust with customers and partners, and meet legal and regulatory requirements. Without a clear communication plan, the response to a security breach may be disorganized, leading to confusion, delays, and potentially more significant consequences.