After an IS auditor has identified threats and potential impacts, the auditor should:

After an IS auditor has identified threats and potential impacts, the auditor should:

After an IS auditor has identified threats and potential impacts, the auditor should:

A.
Identify and evaluate the existing controls

B.
Conduct a business impact analysis (BIA)

C.
Report on existing controls

D.
Propose new controls

Explanation:

After an IS auditor has identified threats and potential impacts, the auditor should then identify and
evaluate the existing controls.

Show Hint

Leave a Reply 0

Your email address will not be published. Required fields are marked *

thirteen − 12 =