CAS-005 Question #191: Real Exam Question with Answer & Explanation
Question
A Chief Information Security Officer (CISO) is developing a third-party risk management program and wants to establish an order of preference for solicitation and acceptance of audit and assessment results from business partners. The CISO prefers a formal certification against an established framework, which should be considered more reliable than self-attestations. Which of the following is most likely the reason for this perspective?
Options
- A. Certifications are typically issued against a formal standard.
- B. Assessments are based on evidence, not judgments.
- C. For standards like PCI, self-attestations are more reliable than certifications.
- D. A certification audit is managed by a central authority.