Learn about the main goal of incident management according to the CISA certification exam. Understand how to prioritize resuming business operations during an incident.
Table of Contents
Question
Which of the following should be the PRIMARY objective of an organization’s incident management program?
A. Preventing recurrence of similar incidents in the future
B. Reducing the number and severity of security incidents throughout the organization
C. Closing incidents in accordance with service level agreements (SLAs)
D. Enabling the organization to resume normal business operations
Answer
The primary objective of an organization’s incident management program should be:
D. Enabling the organization to resume normal business operations
Explanation
While preventing future incidents (A), reducing the number and severity of incidents (B), and meeting SLA targets for incident resolution (C) are all important goals of incident management, the top priority during an active incident should be restoring critical business functions and returning the organization to normal operations as quickly as possible.
The main focus is on minimizing business disruption and financial losses from the incident. Future prevention, overall incident reduction, and SLA compliance are secondary to immediately restoring essential services, stopping the active incident, and allowing the business to operate normally again.
Incident management aims to identify, analyze, contain, eradicate and recover from incidents. The recovery phase is ultimately about resuming business operations. Without this, the organization remains impaired and unable to deliver products/services to customers, which is unsustainable.
In summary, while incident management has multiple important goals, enabling the organization to resume normal business operations in a timely manner should be the foremost objective and guiding principle throughout the incident management process. The other objectives support this overarching aim.
ISACA CISA certification exam assessment practice question and answer (Q&A) dump including multiple choice questions (MCQ) and objective type questions, with detail explanation and reference available free, helpful to pass the ISACA CISA exam and earn ISACA CISA certification.