What is the MOST important action that the information security manager needs to perform?

An organization is entering into an agreement with a new business partner to conduct customer
mailings. What is the MOST important action that the information security manager needs to
perform?

An organization is entering into an agreement with a new business partner to conduct customer
mailings. What is the MOST important action that the information security manager needs to
perform?

A.
A due diligence security review of the business partner’s security controls

B.
Ensuring that the business partner has an effective business continuity program

C.
Ensuring that the third party is contractually obligated to all relevant security requirements

D.
Talking to other clients of the business partner to check references for performance

Explanation:

The key requirement is that the information security manager ensures that the third party is
contractually bound to follow the appropriate security requirements for the process being

outsourced. This protects both organizations. All other steps are contributory to the contractual
agreement, but are not key.



Leave a Reply 0

Your email address will not be published. Required fields are marked *