An organization has outsourced many application development activities to a third party that uses contract programmers extensively. Which of the following would provide the BEST assurance that the third party's contract programmers comply with the organization's security policies?

Questions › Category: CISM › An organization has outsourced many application development activities to a third party that uses contract programmers extensively. Which of the following would provide the BEST assurance that the third party's contract programmers comply with the organization's security policies?

0 Vote Up Vote Down

Admin Staff asked 6 months ago

An organization has outsourced many application development activities to a third party that uses contract programmers extensively. Which of the following would provide the BEST assurance that the third party's contract programmers comply with the organization's security policies?

A. Perform periodic security assessments of the contractors' activities.

B. Conduct periodic vulnerability scans of the application.

C. Require annual signed agreements of adherence to security policies.

D. Include penalties for noncompliance in the contracting agreement.








 

Suggested Answer: A



This question is in CISM exam 
For getting Certified Information Security Manager Certificate


Disclaimers:
The website is not related to, affiliated with, endorsed or authorized by ISACA.
The website does not contain actual questions and answers from ISACA's Certification Exams.
Trademarks, certification & product names are used for reference only and belong to ISACA.

An organization has outsourced many application development activities to a third party that uses contract programmers extensively. Which of the following would provide the BEST assurance that the third party's contract programmers comply with the organization's security policies?

An empowered security steering committee has decided to accept a critical risk. Which of the following is the information security manager's BEST course of action?

Which of the following would be impacted the MOST by a business decision to move from traditional computing to cloud computing?

AZ-104 Practice Test Free

Recommended

AZ-104 Practice Test Free

Cisco IOS Popular Commands

Linux Professional Institute LPIC-2 Certificate

Linux Professional Institute LPIC-1 Certificate

Cisco Certified DevNet Associate Certificate

AWS Certified Cloud Practitioner Certificate

Welcome Back!

Create New Account!

Retrieve your password

An organization has outsourced many application development activities to a third party that uses contract programmers extensively. Which of the following would provide the BEST assurance that the third party's contract programmers comply with the organization's security policies?

An empowered security steering committee has decided to accept a critical risk. Which of the following is the information security manager's BEST course of action?

Which of the following would be impacted the MOST by a business decision to move from traditional computing to cloud computing?

AZ-104 Practice Test Free

Related Questions

Recommended

AZ-104 Practice Test Free

Cisco IOS Popular Commands

Linux Professional Institute LPIC-2 Certificate

Linux Professional Institute LPIC-1 Certificate

Cisco Certified DevNet Associate Certificate

AWS Certified Cloud Practitioner Certificate

Welcome Back!

Create New Account!

Retrieve your password