In an organization where an IT security baseline has be…

In an organization where an IT security baseline has been defined, an IS auditor should FIRST ensure:

In an organization where an IT security baseline has been defined, an IS auditor should FIRST ensure:

A.
implementation.

B.
compliance.

C.
documentation.

D.
sufficiency.

Explanation:
An IS auditor should first evaluate the definition of the minimum baseline level by ensuring the sufficiency of
controls. Documentation, implementation and compliance are further steps.



Leave a Reply 0

Your email address will not be published. Required fields are marked *

fourteen − 9 =