When evaluating information security governance within an organization, which of the following findings should be of MOST concern to an IS auditor? A. An information security governance audit was not conducted with in the past year. B. Information security policies are updated annually. C. The data center manager has final sign-off on security projects. D. The information security department has difficulty filling vacancies. Â Suggested Answer: C Community Answer: C This question is in CISA Certified Information Systems Auditor Exam For getting Certified Information Systems Auditor (CISA) Certificate Disclaimers: The website is not related to, affiliated with, endorsed or authorized by ISACA. Trademarks, certification & product names are used for reference only and belong to ISACA. The website does not contain actual questions and answers from ISACA's Certification Exams.
Please login or Register to submit your answer