nerdexam
EC-Council

312-50V10 · Question #456

During a security audit of IT processes, an IS auditor found that there were no documented security procedures. What should the IS auditor do?

The correct answer is A. Identify and evaluate existing practices. The auditor should first evaluated existing policies and practices to identify problem areas and

Information Security and Ethical Hacking Fundamentals

Question

During a security audit of IT processes, an IS auditor found that there were no documented security procedures. What should the IS auditor do?

Options

  • AIdentify and evaluate existing practices
  • BCreate a procedures document
  • CConduct compliance testing
  • DTerminate the audit

How the community answered

(27 responses)
  • A
    74% (20)
  • B
    15% (4)
  • C
    7% (2)
  • D
    4% (1)

Explanation

The auditor should first evaluated existing policies and practices to identify problem areas and

Topics

#security audit#IS auditor#security procedures#compliance assessment

Community Discussion

No community discussion yet for this question.

Full 312-50V10 Practice