Which of the following should the auditor do FIRST?

An internal IS auditor discovers that a service organization did not notify its customers following a data breach.

Which of the following should the auditor do FIRST?
A . Notify audit management of the finding.
B . Report the finding to regulatory authorities.
C . Notify the service organization’s customers.
D . Require the service organization to notify its customers.

Answer: A

Latest CISA Dumps Valid Version with 2694 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments