Which control activity should not be part of this review?

An internal auditor is reviewing physical and environmental controls for an IT organization .

Which control activity should not be part of this review?
A . Develop and test the organization’s disaster recovery plan.
B . Install and test fire detection and suppression equipment.
C . Restrict access to tangible IT resources.
D . Ensure that at least one developer has access to both systems and operations.

Answer: D

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments