Which of the following would be an IS auditor`s GREATEST concern when evaluating a cybersecurity incident response plan? 

Answer options:

A. The plan has not been recently tested.
B. Roles and responsibilities are not detailed for each process.
C. Stakeholder contact details are not up-to-date.
D. The plan does not include incident response metrics.

B