What should a risk practitioner do FIRST when a shadow IT application is identified in a business owner's business impact analysis (BIA)?

QuestionsCategory: CRISCWhat should a risk practitioner do FIRST when a shadow IT application is identified in a business owner's business impact analysis (BIA)?
Admin Staff asked 6 months ago
What should a risk practitioner do FIRST when a shadow IT application is identified in a business owner's business impact analysis (BIA)?

A. Include the application in the business continuity plan (BCP).

B. Report the finding to management.

C. Segregate the application from the network.

D. Determine the business purpose of the application.








 

Suggested Answer: D



This question is in CRISC exam 
For getting Risk and Information Systems Control Certificate


Disclaimers:
The website is not related to, affiliated with, endorsed or authorized by ISACA.
The website does not contain actual questions and answers from ISACA's Certification Exams.
Trademarks, certification & product names are used for reference only and belong to ISACA.

Next Post

Recommended

Welcome Back!

Login to your account below

Create New Account!

Fill the forms below to register

Retrieve your password

Please enter your username or email address to reset your password.