Security Asset Protection Professional Certification (SAPPC) Certification Practice Exam

Which action must be taken when a security violation occurs?

• A. Immediately report to the press
• B. Document the violation and notify proper authorities
• C. Ignore it to avoid panic
• D. Wait to see if the information is compromised

The correct answer is: Document the violation and notify proper authorities

When a security violation occurs, the appropriate action involves documenting the incident and notifying the proper authorities. This approach ensures that there is a formal record of the violation, which is critical for both internal investigations and for compliance with any regulatory requirements. Documentation serves various purposes: it creates a clear and accurate account of the incident, which can be essential for understanding how the violation took place and for developing strategies to prevent similar issues in the future. Additionally, notifying the proper authorities, which can include law enforcement, regulatory bodies, or internal security teams, is crucial in managing the situation effectively and implementing any required responses or investigations. This proactive approach helps to mitigate potential damages and reinforces accountability within the organization. In contrast, the other options suggest inadequate or reckless responses. Reporting to the press can lead to misinformation and public panic without a full understanding of the situation. Ignoring the violation can exacerbate risks and leave vulnerabilities unaddressed, while waiting to see if the information is compromised can lead to delayed responses, potentially increasing the impact of the violation.