
Question 21 - Cybersecurity Audit discussion


Which of the following is the BEST indication of mature third-party vendor risk management for an organization?

A. The third party's security program follows the organization's security program.
B. The organization maintains vendor security assessment checklists.
C. The third party maintains annual assessments of control effectiveness.
D. The organization's security program follows the third party's security program.
Suggested answer: B

Explanation:

The BEST indication of mature third-party vendor risk management for an organization is that the organization maintains vendor security assessment checklists. Vendor security assessment checklists help the organization evaluate and monitor the security posture and performance of its third-party vendors against predefined criteria and standards. They also help the organization identify and mitigate any gaps or issues in the vendor's security controls or processes. The other options are not as indicative of mature third-party vendor risk management, because they either involve one party following or mimicking the other's security program without considering its own needs or risks (A, D), or rely on the vendor's self-assessment without independent verification or validation (C).

asked 18/09/2024
Alejandro Rodriguez