A Chief Information Security Officer is developing procedures to guide detective and corrective activities associated with common threats, including phishing, social engineering, and business email compromise. Which of the following documents will be most relevant to revise as part of this process?

The Software Development Life Cycle (SDLC) outlines the processes for developing and maintaining software applications. While secure coding practices are essential to mitigate vulnerabilities, the SDLC does not specifically focus on incident detection and response activities, making it less relevant for addressing the immediate concerns of threats like phishing and social engineering.

The Business Continuity Plan (BCP) outlines procedures for maintaining business operations during and after a disruptive event. While it is important for overall resilience, the BCP does not directly address the specific detection and corrective actions related to cybersecurity threats, making it less relevant in the context of incident response.

The Acceptable Use Policy (AUP) establishes guidelines for appropriate use of organizational resources and technology by employees. Although it plays a role in promoting security awareness, it does not provide actionable procedures for responding to incidents, which is crucial for addressing the threats mentioned.