Information Security Incident Management

This domain includes questions from the following topics:

• Security incident response

• Developing security incident response plans and playbooks

• Notifying internal and external parties during a breach

• Conducting a post-incident review to identify improvement opportunities

• Integrating security incident response plans with disaster recovery and business continuity plans

The topics in this chapter represent 19 percent of the Certified Information Security Manager (CISM) examination. This chapter discusses CISM job practice 4, “Information Security Incident Management.”

ISACA defines this domain as follows: “Plan, establish and manage the capability to detect, investigate, respond to and ...

Get CISM Certified Information Security Manager Practice Exams now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.