While conducting an IT operations audit, an internal IS auditor discovers there are backup media missing that potentially contain unencrypted data. Which of the following should be the IS auditor’s NEXT step?
A.
Review the backup media policy and procedures.
B.
Notify legal and regulatory authorities of the lost media.
The storage of unencapsulated backup media can be classified as a security incident and can be tracked (D) and processed (reported, processed, remediated, etc.) as a priority to determine what data is stored.
Not D. knowing what data is on the tape is not necessary now as we already lost it. I need to know why is this happening. Analyzing the procedures should me the next step. I say A.
The IS auditor's next step, upon discovering missing backup media potentially containing unencrypted data, should be to review the backup media policy and procedures. Understanding the organization's policies and procedures for handling backup media is crucial in assessing the context of the incident and determining whether established protocols were followed.
upvoted 2 times
...
This section is not available anymore. Please use the main Exam Page.CISA Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
52cb16c
3 months agoRS66
1 year agoveli_117
10 months, 1 week agoSwallows
1 year, 4 months ago3008
1 year, 8 months agoFAGFUR
1 year, 9 months ago