When reviewing an organization’s information security policies, an IS auditor should verify that the policies have been defined PRIMARILY on the basis of:

CISA V1 0 Comments

When reviewing an organization’s information security policies, an IS auditor should verify that the policies have been defined PRIMARILY on the basis of:
A . a risk management process.
B. an information security framework.
C. past information security incidents.
D. industry best practices.

Answer: B

Latest CISA Dumps Valid Version with 2694 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download CISA PDF     CISA Questions Online Training
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments