nerdexam
(ISC)2

CISSP · Question #1421

Which of the following BEST obtains an objective audit of security controls?

The correct answer is C. The security audit is performed by an independent third-party.. The best option that obtains an objective audit of security controls is to have the security audit performed by an independent third-party. An independent third-party is an entity that is not affiliated with or influenced by the organization or the system that is being audited, a

Submitted by salim_om· Mar 5, 2026Security Assessment and Testing

Question

Which of the following BEST obtains an objective audit of security controls?

Options

  • AThe security audit is measured against a known standard.
  • BThe security audit is performed by a certified internal auditor.
  • CThe security audit is performed by an independent third-party.
  • DThe security audit produces reporting metrics for senior leadership.

How the community answered

(36 responses)
  • A
    6% (2)
  • B
    3% (1)
  • C
    89% (32)
  • D
    3% (1)

Explanation

The best option that obtains an objective audit of security controls is to have the security audit performed by an independent third-party. An independent third-party is an entity that is not affiliated with or influenced by the organization or the system that is being audited, and that has the expertise and credibility to conduct the security audit. An independent third-party can provide an unbiased and impartial assessment of the security controls, and identify the strengths and weaknesses of the system or network. An independent third-party can also provide recommendations and best practices for improving the security posture of the system or network.

Topics

#security audit#independent audit#third-party assessment

Community Discussion

No community discussion yet for this question.

Full CISSP Practice