An IS auditor is reviewing a contract for the outsourcing of IT facilities. If missing, which of the following should present the GREATEST concern to the auditor?
Access controls are critical for maintaining the confidentiality, integrity, and availability of information and systems. If the contract lacks clear access control requirements, it could lead to unauthorized access to sensitive information or systems.
Access controls include user authentication, authorization, and other mechanisms that ensure only authorized individuals have access to the necessary resources.
While hardware configurations, help desk availability, and perimeter network security diagram are also important aspects of outsourcing contracts, the absence of clear access control requirements introduces a significant risk in terms of potential unauthorized access to IT facilities, data breaches, and compromised system security. Access control is fundamental to overall information security, and its absence or inadequacy can have severe consequences.
upvoted 1 times
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
FAGFUR
3 months, 3 weeks ago