An IS auditor has found that a vendor has gone out of business and the escrow has an older version of the source code. What is the auditor's BEST recommendation for the organization?
A.
Perform an analysis to determine the business risk.
B.
Develop a maintenance plan to support the application using the existing code.
C.
Bring the escrow version up to date.
D.
Analyze a new application that meets the current requirements.
Undertaking an analysis to determine the business risk is the BEST recommendation for the organization. This analysis should include an assessment of the impact of the outdated source code on the organization's operations, security, and compliance. Based on the analysis, the organization can develop a risk management plan that may include options such as seeking alternative vendors, developing a new application, or implementing compensating controls to mitigate the risks associated with the outdated source code
If the question was about auditors action, i think determining the impact of on updation was correct. the question is about best recommendation, so i think he should suggest to update Escrow agreement
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
3008
1 month, 1 week agostarzuu
5 months, 2 weeks agoJONESKA
5 months, 4 weeks agoDeeplaxmi
1 year, 3 months agoDeeplaxmi
1 year, 3 months agoStaanlee
1 year agoDavid_Hu
1 year ago