Question: 1
An information security manager has become aware that a third-party provider is not in compliance with the statement of work (SOW). Which of the following is the BEST course of action?
Question: 2
A recent audit found that an organization's new user accounts are not set up uniformly. Which of the following is MOST important for the information security manager to review?
Question: 3
An information security manager is assisting in the development of the request for proposal (RFP) for a new outsourced service. This will require the third party to have access to critical business information. The security manager should focus PRIMARILY on defining:
Question: 4
Deciding the level of protection a particular asset should be given is BEST determined by:
Question: 5
Which of the following is the MOST relevant information to include in an information security risk report to facilitate senior management's understanding of impact to the organization?