Which of the following is NOT a step in the CDM?

In the context of the CDM, or Critical Decision Making process, each step focuses on a structured approach to problem-solving and decision-making in security scenarios. Among the options provided, "Review Incident" is not traditionally categorized as an active step in the CDM.

The CDM typically progresses through stages such as assessing the situation to understand the context and variables involved, implementing solutions based on the information gathered, and reassessing options as circumstances evolve or new information comes to light. These steps ensure a comprehensive approach to addressing and resolving issues effectively.

While reviewing an incident can be a valuable part of post-event analysis for learning and improvement, it is not a formal step in the immediate CDM process. The focus of the CDM is on actionable steps to make critical decisions, whereas reviewing would generally occur afterward, to evaluate the effectiveness of the decisions made during the incident. This distinction clarifies why "Review Incident" does not fit within the core framework of the CDM as a procedural step.