nerdexam
ExamsCISSPQuestions#170
(ISC)2(ISC)2

CISSP · Question #170

CISSP Question #170: Real Exam Question with Answer & Explanation

The correct answer is D: access to the skill sets consistent with the programming languages used by the organization.. The third party needs to have access to the skill sets consistent with the programming languages used by the organization. The programming languages are the tools or the methods of creating, modifying, testing, and supporting the software applications that perform the functions o

Submitted by kavita_s· Mar 5, 2026Security and Risk Management

Question

Refer to the information below to answer the question. A large, multinational organization has decided to outsource a portion of their Information Technology (IT) organization to a third-party provider's facility. This provider will be responsible for the design, development, testing, and support of several critical, customer-based applications used by the organization. The third party needs to have

Options

  • Aprocesses that are identical to that of the organization doing the outsourcing.
  • Baccess to the original personnel that were on staff at the organization.
  • Cthe ability to maintain all of the applications in languages they are familiar with.
  • Daccess to the skill sets consistent with the programming languages used by the organization.

Explanation

The third party needs to have access to the skill sets consistent with the programming languages used by the organization. The programming languages are the tools or the methods of creating, modifying, testing, and supporting the software applications that perform the functions or the tasks required by the organization. The programming languages can vary in their syntax, semantics, features, or paradigms, and they can require different levels of expertise or experience to use them effectively or efficiently. The third party needs to have access to the skill sets consistent with the programming languages used by the organization, as it can ensure the quality, the compatibility, and the maintainability of the software applications that the third party is responsible for. The third party does not need to have processes that are identical to that of the organization doing the outsourcing, access to the original personnel that were on staff at the organization, or the ability to maintain all of the applications in languages they are familiar with, as they are related to the methods, the resources, or the preferences of the software development, not the skill sets consistent with the programming languages used by the organization.

Topics

#third-party risk management#vendor management#outsourcing security#contractual agreements

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full CISSP PracticeBrowse All CISSP Questions