It is very important that information security requirements are integrated into the EA program. EA integrates strategies and processes across the organization, which should include rules and standards regarding information security. IS auditors must evaluate whether these requirements are properly considered and implemented.
In contrast, the observation in option C, "IT application owners are solely responsible for architecture approval," is about the management and ownership of individual applications and has less direct impact on the security and integrity of the overall EA program.
Youre correct, B is a good practice and therefore not the answer...which is C.
upvoted 1 times
...
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Swallows
8 months, 2 weeks agochoboanon
3 months, 3 weeks ago