Which of the following is an information security manager’s MOST important consideration when exploring the use of a third-party provider to handle an IT function?
A.
The provider carries cyber insurance to cover security breaches.
B.
The provider agrees to provide historical security incident data.
C.
The provider’s security processes align with the organization’s.
D.
The provider has undergone an independent security review.
The correct answer is C. The provider’s security processes align with the organization’s.
The most important consideration for an information security manager when exploring the use of a third-party provider to handle an IT function is ensuring that the provider's security processes align with the organization's. This means that the provider's security policies, procedures, and controls are consistent with the organization's security objectives, standards, and requirements. This alignment helps to ensure that sensitive information is protected in a manner that is consistent with the organization's security posture and that security risks are minimized.
upvoted 4 times
...
This section is not available anymore. Please use the main Exam Page.CISM Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
richck102
12 months agoBroesweelies
1 year, 4 months ago