GSNA · Question #342
GSNA Question #342: Real Exam Question with Answer & Explanation
The correct answer is B. Meet with IT management to determine possible areas of concern. C. Review the company's IT policies and procedures. D. Research all operating systems, software applications, and data center equipment operating. The auditor should be adequately educated about the company and its critical business activities before conducting a data center review. The objective of the data center is to align data center activities with the goals of the business while maintaining the security and integrity
Question
Options
- AReview the future IT organization chart.
- BMeet with IT management to determine possible areas of concern.
- CReview the company's IT policies and procedures.
- DResearch all operating systems, software applications, and data center equipment operating
Explanation
The auditor should be adequately educated about the company and its critical business activities before conducting a data center review. The objective of the data center is to align data center activities with the goals of the business while maintaining the security and integrity of critical information and processes. To adequately determine if whether or not the client's goal is being achieved, the auditor should perform the following before conducting the review: Meet with IT management to determine possible areas of concern. Review the current IT organization chart. Review job descriptions of data center employees. Research all operating systems, software applications, and data center equipment operating within the data center. Review the company's IT policies and procedures. Evaluate the company's IT budget and systems planning documentation. Review the data center's disaster recovery plan. Answer: A is incorrect. An auditor should review the current organization chart. Reviewing the future organization chart would not help in finding the current threats to the organization.
Community Discussion
No community discussion yet for this question.