ExamGecko
Search Search Login
Home Home / Isaca / Cybersecurity Audit
Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which of the following is the BEST indication of mature third-party vendor risk management for an organization?
Using digital evidence to provide validation that an attack has actually occurred is an example of;
Which of the following is the BEST indication that an organization's vulnerability management process is operating effectively?
The GREATEST advantage of using a common vulnerability scoring system is that it helps with:
Which of the following would provide the BEST basis for allocating proportional protection activities when comprehensive classification is not feasible?
Which of the following BEST characterizes security mechanisms for mobile devices?
Using a data loss prevention (DLP) solution to monitor data saved to a USB memory device is an example of managing:
The risk of an evil twin attack on mobile devices is PRIMARILY due to:
What is the FIRST activity associated with a successful cyber attack?
Which of the following backup procedure would only copy files that have changed since the last backup was made?

Question 17 - Cybersecurity Audit discussion

Report
Export

Which of the following presents the GREATEST challenge to information risk management when outsourcing IT function to a third party?

A.
It is difficult to know the applicable regulatory requirements when data is located on another country.
Answers
A.
It is difficult to know the applicable regulatory requirements when data is located on another country.
B.
Providers may be reluctant to share technical delays on the extent of their information protection mechanisms.
Answers
B.
Providers may be reluctant to share technical delays on the extent of their information protection mechanisms.
C.
Providers may be restricted from providing detailed ^formation on their employees.
Answers
C.
Providers may be restricted from providing detailed ^formation on their employees.
D.
It is difficult to determine vendor financial viability to assess their potential inability to meet contract requirements.
Answers
D.
It is difficult to determine vendor financial viability to assess their potential inability to meet contract requirements.
Suggested answer: B

Explanation:

The GREATEST challenge to information risk management when outsourcing IT function to a third party is that providers may be reluctant to share technical details on the extent of their information protection mechanisms. This is because providers may consider their information protection mechanisms as proprietary or confidential, or may not want to reveal their weaknesses or vulnerabilities. This makes it difficult for the outsourcing organization to assess the level of security and compliance of the provider, and to monitor and audit their performance. The other options are not as challenging as providers being reluctant to share technical details, because they either involve legal or contractual aspects that can be clarified or negotiated before outsourcing (A, D), or human resource aspects that can be verified or validated by the provider C.

Show Answer
asked 18/09/2024
Stašo Zver
35 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms