You’ve been tasked with consulting an organization that hasn’t had a breach, but their regulator documented an audit finding that they needed to redefine their Incident Response Program. Answer one of the following questions:
- The organization believes their program is adequate; how do you impress upon management that the audit finding is valid?
- How would you develop/draft the project plan to have a workable plan in place prior to the organization’s next annual audit?
Leave a Reply
You must be logged in to post a comment.