Summary
In this chapter, you explored the practical aspects of information security incident management. This chapter will help CISM candidates understand the different types of incident management tools and techniques. You will be able to execute a response and recovery plan in a more effective manner. This chapter will also help you design incident management metrics and indicators and determine the current state of the organization's incident response capability. You also learned how, as a CISM candidate, you can implement different post-incident activities and investigations.
This book has discussed all four domains of the CISM Review Manual by ISACA and will have helped CISM aspirants gain a sufficient theoretical, as well as practical, understanding of those domains. Aspirants should now feel prepared to pass the CISMÂ exam.