A security analyst informs the Chief Executive Officer (CEO) that a security breach has just occurred. This
results in the Risk Manager and Chief Information Officer (CIO) being caught unaware when the CEO asks for
further information. Which of the following strategies should be implemented to ensure the Risk Manager and
CIO are not caught unaware in the future?

A.
Procedure and policy management

B.
Chain of custody management

C.
Change management

D.
Incident management

Explanation:
incident management refers to the steps followed when events occur (making sure controls are in place to
prevent unauthorized access to, and changes of, all IT assets). The events that could occur include security
breaches.