Exam ISO-IEC-27035-Lead-Incident-Manager Topic 2 Question 16 Discussion

Actual exam question for PECB's ISO-IEC-27035-Lead-Incident-Manager exam
Question #: 16
Topic #: 2
What is a crucial element for the effectiveness of structured information security incident management?

Suggested Answer: B Vote an answer

Comprehensive and Detailed Explanation From Exact Extract:
While technical expertise is essential, ISO/IEC 27035 emphasizes that structured incident management must be supported by the awareness and active participation of all personnel across the organization. Effective incident response is not confined to technical teams; human factors-such as early detection, proper escalation, and policy adherence-require engagement from users, management, and third-party stakeholders.
Clause 6.3 of ISO/IEC 27035-1:2016 specifically highlights that staff awareness is critical. Personnel should understand their role in reporting suspicious activity, following defined procedures, and participating in readiness exercises.
Outsourcing (Option C) may support capacity, but it is not a substitute for internal preparedness, awareness, and governance.
Reference Extracts:
ISO/IEC 27035-1:2016, Clause 6.3: "All staff should be aware of their responsibilities in reporting and managing information security incidents." ISO/IEC 27001:2022, Control 6.3 and A.6.3.1: "Information security responsibilities must be communicated to and accepted by all personnel." Correct answer: B
-

by Bartholomew at Nov 29, 2025, 07:19 AM

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Nick name: Submit Cancel
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

0
0
0
10