An incident response policy is
A) A description of the standard methods used by an organization to handle information security incidents
B) A description of security policies, acceptable use policies, or standard security practices
C) A specification of the targets of the policy
D) The act of following applicable laws, regulations, rules, industry codes and contractual obligations

Question

Quizplus · Accepted Answer

An incident response policy is a set of guidelines and procedures that an organization follows when handling information security incidents. It outlines the steps that need to be taken to detect, investigate, mitigate, and recover from security incidents, as well as the roles and responsibilities of different stakeholders during the process. It also defines the procedures for reporting the incidents to management, stakeholders, and other relevant parties.

An Incident Response Policy Is