Question

To ensure the information security of outsourced IT services, which of the following is the MOST...

To ensure the information security of outsourced IT services, which of the following is the MOST critical due diligence activity?

A. Review samples of service level reports from the service provider.
B. Assess the level of security awareness of the service provider.
C. Request that the service provider comply with information security policy.
D. Review the security status of the service provider.


Correct Answer: C?? or D???

Homework Answers

Answer #1

Solution:

The answer is option D.

Explanation:

In order to ensure the information security of the outsourced IT services, the service provider must comply with the security policies that are stated by the company.

The above activity stated must takes place after conducting the business.

Due diligence activity is the activity which includes the examination of the financial records and other standards of the party before proceeding to start their business.

So, during the due diligence activity, the security status of the service provider must be reviewed.

If the security status is found satisfactory during the due diligence activity, then the business or the proposed transaction can be proceeded further.

When the business starts between the parties, then the service provider must also comply with the security policies that are defined in the business.

Know the answer?
Your Answer:

Post as a guest

Your Name:

What's your source?

Earn Coins

Coins can be redeemed for fabulous gifts.

Not the answer you're looking for?
Ask your own homework help question
Similar Questions
Which of the following is the BEST method to ensure that data owners take responsibility for...
Which of the following is the BEST method to ensure that data owners take responsibility for implementing information security processes? A. Include security tasks into employee job descriptions. B. Include membership on project teams. C. Provide job rotation into the security organization. D. Increase security awareness training. Correct Answer: ???????????????? ____________________ ■ Answer D (Increase security awareness training) is officially believed to be the correct one. ■ But I believe it is weak because there is no accountability ■ Please...
Business units within an organization are resistant to proposed changes to the information security program. Which...
Business units within an organization are resistant to proposed changes to the information security program. Which of the following is the BEST way to address this issue? A. Implementing additional security awareness training B. Communicating critical risk assessment results to business unit managers C. Including business unit representation on the security steering committee D. Publishing updated information security policies Correct Answer: B?????? or C?????????? ______________________ Note ■ Some experts claim that the correct answer is: "B. Communicating critical risk assessment...
Which of the following provides the MOST comprehensive understanding of an organization’s information security posture? A....
Which of the following provides the MOST comprehensive understanding of an organization’s information security posture? A. Risk management metrics B. External audit findings C. Results of vulnerability assessments D. The organization’s security incident trends Correct Answer: A ???? or D?????? or ........... ______________________ Note ■ Some good websites claim that the correct answer is A ("Risk management metrics"). ■ Others good websites claim that the correct answer is D ("The organization’s security incident trends"). ■ Why A and not D?...
Which of the following statements concerning the income statement of health services organizations is most correct?...
Which of the following statements concerning the income statement of health services organizations is most correct?                         a.         GAAP specifies a single format for the income statement of health services organizations, so they all look exactly the same.                         b.         The income statements of most hospitals report only one measure of profitability.                         c.         The income statement has three expense sections: operating expenses, financial expenses, and frivolous expenses.                         d.         The premium revenue entry reports revenues collected that exceed the...
What is/are the most important source of interpretive information about the company which is available for...
What is/are the most important source of interpretive information about the company which is available for an analyst in the Form 10K report. Select any or all that apply. A MD&A B Notes to the Financial Statement C Proxy Statement D Security Analyst reports
What is the MOST important consideration when establishing metrics for reporting to the information security strategy...
What is the MOST important consideration when establishing metrics for reporting to the information security strategy committee? A. Agreeing on baseline values for the metrics B. Developing a dashboard for communicating the metrics C. Providing real-time insight on the security posture of the organization D. Benchmarking the expected value of the metrics against industry standards Correct Answer: A???? or B??????   or C???????? ______________________ Note ■ Some good websites claim that the correct answer is A ("Agreeing on baseline values for...
A process costing system would most likely be used for all of the following except? a)...
A process costing system would most likely be used for all of the following except? a) a manufacturer of plywood sheets b) a men's barbershop c) a tailor d) a hay farmer Boston Furniture Company manufactures several steel products. It has three production departments: Fabricating, Assembly, and Finishing. The service departments include Maintenance, Material Handling, and Designing. Currently, the company does not allocate service department costs to the production departments. John Baker, who has recently joined the company as the...
Which of the following is correct about the statement of cash flows? A. It provides information...
Which of the following is correct about the statement of cash flows? A. It provides information about a company’s cash receipts and cash payments during an accounting period. B. It provides information about a company’s operating, investing, and financing activities during the period. C. It provides information that investors and creditors can use to assess the company’s ability to generate positive future cash flows, ability to pay its liabilities, ability to pay dividends, and its need for additional financing. D....
Which of the following statements about financial statements is most correct?                         a.     &nbsp
Which of the following statements about financial statements is most correct?                         a.         Balance sheets are constructed using market (current) values for property and equipment.                         b.         Under certain circumstances (for example, a difference between book depreciation and tax depreciation), the balance sheet may not balance; that is, total assets will not equal total liabilities plus total equity.                         c.         The income statement reports on operations as of a given (single) date.                         d.         Short-term securities investments (as opposed to...
1. In order to use an instant messaging service, most services require the user to provide...
1. In order to use an instant messaging service, most services require the user to provide or create an e-mail account. a. true b. false 2. Although some companies, such as Yahoo! and Hotmail, provide free e-mail accounts, the account setup information provided by the end user is verified by the company and it is probably accurate. a. true b. false 3. For IM-related complaints, which of the the following information from the complainant would not be beneficial? a. The...