An IS auditor reviewing security incident processes realizes incidents are resolved and closed, but root causes are not investigated. Which of the following should be the MAJOR concern with this situation?
A.
Security incident policies are out of date.
B.
Lessons learned have not been properly documented.
C.
Vulnerabilities have not been properly addressed.
While lessons learned not being properly documented (option B) is also a concern, the primary issue is ensuring that vulnerabilities are identified and mitigated to prevent future incidents. Therefore, the failure to properly address vulnerabilities is the major concern in this situation.
C. Vulnerabilities have not been properly addressed.
Without investigating the root causes of security incidents, organizations cannot identify and rectify the underlying vulnerabilities that led to these incidents in the first place. This can result in a continuous cycle of incidents and potential security breaches, leaving the organization exposed to ongoing risks. Addressing vulnerabilities is a fundamental aspect of maintaining effective cybersecurity, and it should be a top priority for any organization.
While the other options (A, B, and D) may also be concerns, they are not as directly related to the failure to investigate root causes of security incidents.
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Swallows
3 months, 2 weeks agoSuperMax
11 months, 2 weeks agoChaBum
6 months agoBabaP
1 year, 4 months agotkm901
1 year, 7 months ago