hiexam
isaca · CISM · Q425 · multiple_choice · topic_1

Which of the following is the MOST effective way to address an organization's security concerns during contract negotia…

Which of the following is the MOST effective way to address an organization's security concerns during contract negotiations with a third party?
  • A.Review the third-party contract with the organization's legal department.
  • B.Communicate security policy with the third-party vendor.
  • C.Ensure security is involved in the procurement process.
  • D.Conduct an information security audit on the third-party vendor.
Explanation
Selected Answer: C Ensuring security is involved in the procurement process is the most effective way to address an organization's security concerns during contract negotiations with a third party. Involving security personnel in the procurement process allows the organization to identify and address potential security risks early on, before a contract is signed. This helps ensure that security requirements are included in the contract and that the third-party vendor is aware of and committed to meeting the organization's security standards. By having security involved in the procurement process, the organization can also ensure that the third-party vendor has adequate security controls in place to protect sensitive information and critical assets. This can include reviewing the vendor's security policies, conducting security assessments, and verifying that the vendor is in compliance with relevant laws and regulations.

Reference: examtopics_top_comment

Practice with progress tracking

Sign in to track wrong answers, get spaced-repetition reminders, and run timed exam mode.

Start tracked practicePricing