An information security manager has recently been notified of potential security risks associated with a third-party service provider. What should be done NEXT to address this concern?

Questions › Category: CISM › An information security manager has recently been notified of potential security risks associated with a third-party service provider. What should be done NEXT to address this concern?

0 Vote Up Vote Down

Admin Staff asked 6 months ago

An information security manager has recently been notified of potential security risks associated with a third-party service provider. What should be done NEXT to address this concern?

A. Escalate to the chief risk officer (CRO).

B. Conduct a vulnerability analysis.

C. Conduct a risk analysis.

D. Determine compensating controls.








 

Suggested Answer: C



This question is in CISM exam 
For getting Certified Information Security Manager Certificate


Disclaimers:
The website is not related to, affiliated with, endorsed or authorized by ISACA.
The website does not contain actual questions and answers from ISACA's Certification Exams.
Trademarks, certification & product names are used for reference only and belong to ISACA.

An information security manager has recently been notified of potential security risks associated with a third-party service provider. What should be done NEXT to address this concern?

Management of a financial institution accepted an operational risk that consequently led to the temporary deactivation of a critical monitoring process. Which of the following should be the information security manager's GREATEST concern with this situation?

An information security manager learns that business unit leaders are encouraging increased use of social media platforms to reach customers. Which of the following should be done FIRST to help mitigate the risk of confidential information being disclosed by employees on social media?

AZ-104 Practice Test Free

Recommended

AZ-104 Practice Test Free

Cisco IOS Popular Commands

Linux Professional Institute LPIC-2 Certificate

Linux Professional Institute LPIC-1 Certificate

Cisco Certified DevNet Associate Certificate

AWS Certified Cloud Practitioner Certificate

Welcome Back!

Create New Account!

Retrieve your password

An information security manager has recently been notified of potential security risks associated with a third-party service provider. What should be done NEXT to address this concern?

Management of a financial institution accepted an operational risk that consequently led to the temporary deactivation of a critical monitoring process. Which of the following should be the information security manager's GREATEST concern with this situation?

An information security manager learns that business unit leaders are encouraging increased use of social media platforms to reach customers. Which of the following should be done FIRST to help mitigate the risk of confidential information being disclosed by employees on social media?

AZ-104 Practice Test Free

Related Questions

Recommended

AZ-104 Practice Test Free

Cisco IOS Popular Commands

Linux Professional Institute LPIC-2 Certificate

Linux Professional Institute LPIC-1 Certificate

Cisco Certified DevNet Associate Certificate

AWS Certified Cloud Practitioner Certificate

Welcome Back!

Create New Account!

Retrieve your password