A bank stores and processes sensitive privacy information related to home loans. However, auditing has never
been enabled on the system. What is the first step that the bank should take before enabling the audit feature?
A.
Perform a vulnerability scan of the system.
B.
Determine the impact of enabling the audit feature.
C.
Perform a cost/benefit analysis of the audit feature.
D.
Allocate funds for staffing of audit log review.