A finance department director has decided to outsource the organization's budget application and has identified potential providers. Which of the following actions should be initiated FIRST by the information security manager?
A.
Determine the required security controls for the new solution.
B.
Obtain audit reports on the service providers’ hosting environment.
C.
Review the disaster recovery plans (DRPs) of the providers.
D.
Align the roles of the organization's and the service providers’ staffs.
This question is actually easier then it looks. Majority of people here, for some reason, are interpreting that by "providers" it is meant "cloud providers", while the question just says that company is considering outsourcing their budget application (not hosting it in a cloud, but purchasing/outsourcing the development of the app). So the first thing is figuring out the security requirements.
This answer is wrong because, the finance director is yet to decide the provider to go with. A. Determine the required security controls for the new solution.... is the best answer.
A. Determine the required security controls for the new solution.
upvoted 1 times
...
This section is not available anymore. Please use the main Exam Page.CISM Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
ServerBrain
8 months, 2 weeks agoAlexJacobson
1 year, 4 months agoUncle_Lucifer
1 year, 6 months agoSoleandheel
1 year, 7 months agoBl1024
1 year, 7 months agoSoleandheel
1 year, 7 months agorichck102
1 year, 8 months ago