An employee reported a sexual harassment case to management. Which of the following should your organization conduct first? (Wentz QOTD)
A. Submit a change request
B. Respond to an E-Discovery request
C. Review the acceptable use policy
D. Initiate administrative investigation
Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.
My suggested answer is D. Initiate administrative investigation.
Wentz’s book, The Effective CISSP: Security and Risk Management, helps CISSP and CISM aspirants build a solid conceptual security model. It is a tutorial for information security and a supplement to the official study guides for the CISSP and CISM exams and an informative reference for security professionals.
Administrative investigations are internal investigations.
Investigation: systematic or formal process of inquiring into or researching, and examining facts or materials associated with a matter.
Source: ISO/IEC 27035-3:2020 Information technology — Information security incident management — Part 3: Guidelines for ICT incident response operations
Discovery is the pre-trial phase in a lawsuit in which each party investigates the facts of a case, through the rules of civil procedure, by obtaining evidence from the opposing party and others by means of discovery devices including requests for answers to interrogatories, requests for production of documents and things, requests for admissions, and depositions.
- Requests for answers to interrogatories
- Requests for production of documents and things
- Requests for admissions
Electronic discovery or “e-discovery” refers to the discovery of information stored in electronic format (often referred to as Electronically Stored Information, or ESI).
一名員工向管理層報告了性騷擾案件。 您的組織應該首先執行以下哪一項？ (Wentz QOTD)
A. 提交變更請求(change request)
C. 檢討可接受的使用政策(acceptable use policy)