To justify the establishment of an incident management team, an information security manager would find which of the following to be the MOST effective?
A . Assessment of business impact of past incidents
B . Need of an independent review of incident causes
C . Need for constant improvement on the security level
D . Possible business benefits from incident impact reduction
Answer: D
Explanation:
Business benefits from incident impact reduction would be the most important goal for establishing an incident management team. The assessment of business impact of past incidents would need to be completed to articulate the benefits. Having an independent review benefits the incident management process. The need for constant improvement on the security level is a benefit to the organization.