nerdexam
IIA

IIA-CIA-PART3 · Question #146

IIA-CIA-PART3 Question #146: Real Exam Question with Answer & Explanation

The correct answer is B. Drafting a strong contract that requires regular vendor control reports end a right-to-audit clause.. See the full explanation below for the reasoning.

Question

According to IIA guidance, which of the following would be the best first stop to manage risk when a third party is overseeing the organization's network and data?

Options

  • ACreating a comprehensive reporting system for vendors to demonstrate their ongoing due
  • BDrafting a strong contract that requires regular vendor control reports end a right-to-audit clause.
  • CApplying administrative privileges to ensure right to access controls are appropriate.
  • DCreating a standing cyber-security committee to identify and manage risks related to data security

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full IIA-CIA-PART3 Practice