An organization learns that a third party has outsourced critical functions to another external provider. Which of the following is the information security manager's MOST important course of action? A. Engage an independent audit of the third party's external provider. B. Conduct an external audit of the contracted third party. C. Recommend canceling the contract with the third party. D. Evaluate the third party's agreements with its external provider. Â Suggested Answer: D This question is in CISM exam For getting Certified Information Security Manager Certificate Disclaimers: The website is not related to, affiliated with, endorsed or authorized by ISACA. The website does not contain actual questions and answers from ISACA's Certification Exams. Trademarks, certification & product names are used for reference only and belong to ISACA.
Please login or Register to submit your answer