List of questions
Related questions
Question 143 - CISSP discussion
An organization is selecting a service provider to assist in the consolidation of multiple computing sites including development, implementation and ongoing support of various computer systems.
Which of the following MUST be verified by the Information Security Department?
A.
The service provider's policies are consistent with ISO/IEC27001 and there is evidence that the service provider is following those policies.
B.
The service provider will segregate the data within its systems and ensure that each region's policies are met.
C.
The service provider will impose controls and protections that meet or exceed the current systems controls and produce audit logs as verification.
D.
The service provider's policies can meet the requirements imposed by the new environment even if they differ from the organization's current policies.
Your answer:
0 comments
Sorted by
Leave a comment first