nerdexam
(ISC)2

CISSP · Question #1282

Which of the following is the MOST important first step in preparing for a security audit?

The correct answer is B. Define the scope.. The scope of a security audit defines the objectives, criteria, boundaries, and responsibilities of the audit process. It is the most important first step in preparing for a security audit, as it helps to establish the expectations, requirements, and limitations of the audit. Wit

Submitted by fatima_kr· Mar 5, 2026Security Assessment and Testing

Question

Which of the following is the MOST important first step in preparing for a security audit?

Options

  • AIdentify team members.
  • BDefine the scope.
  • CNotify system administrators.
  • DCollect evidence.

How the community answered

(61 responses)
  • A
    7% (4)
  • B
    89% (54)
  • C
    2% (1)
  • D
    3% (2)

Explanation

The scope of a security audit defines the objectives, criteria, boundaries, and responsibilities of the audit process. It is the most important first step in preparing for a security audit, as it helps to establish the expectations, requirements, and limitations of the audit. Without a clear and agreed- upon scope, the audit may not achieve its intended goals, or it may exceed its budget, time, or resources. Identifying team members, notifying system administrators, and collecting evidence are all important steps in a security audit, but they should be done after the scope is defined.

Topics

#Security audit#Audit planning#Scope definition

Community Discussion

No community discussion yet for this question.

Full CISSP Practice