nerdexam
Cisco

210-255 · Question #191

Which stakeholder is responsible for coordinating incident response among various business units, minimizing damage, and reporting to regulatory agencies?

The correct answer is A. management. Management bears organizational responsibility for coordinating incident response across business units, limiting damage, and fulfilling mandatory regulatory reporting obligations.

Security Policies and Procedures

Question

Which stakeholder is responsible for coordinating incident response among various business units, minimizing damage, and reporting to regulatory agencies?

Options

  • Amanagement
  • Bpublic affairs and media relations
  • CCSIRT
  • DPSIRT

How the community answered

(29 responses)
  • A
    90% (26)
  • B
    7% (2)
  • C
    3% (1)

Why each option

Management bears organizational responsibility for coordinating incident response across business units, limiting damage, and fulfilling mandatory regulatory reporting obligations.

AmanagementCorrect

Management holds the authority and accountability required to direct personnel across multiple business units during an incident, ensuring a unified organizational response. They are also the appropriate stakeholders to communicate with and report to regulatory agencies, as this requires organizational authority and legal accountability. Minimizing business damage involves executive-level decisions around resource allocation and risk acceptance that only management can authorize.

Bpublic affairs and media relations

Public affairs and media relations is responsible for crafting and delivering external communications and press statements, not for coordinating technical or operational response across business units.

CCSIRT

CSIRT (Computer Security Incident Response Team) handles the technical investigation and containment of incidents but does not have the organizational authority to direct all business units or fulfill regulatory reporting responsibilities.

DPSIRT

PSIRT (Product Security Incident Response Team) is a vendor-side team that manages vulnerability disclosures in specific products, not an internal incident coordinator for an organization's business units.

Concept tested: Incident response stakeholder roles and responsibilities

Source: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-61r2.pdf

Topics

#incident response#stakeholder roles#IR coordination#regulatory reporting

Community Discussion

No community discussion yet for this question.

Full 210-255 Practice