Which control activity should not be part of this review?

An internal auditor is reviewing physical and environmental controls for an IT organization.

Which control activity should not be part of this review?
A . Develop and test the organization’s disaster recovery plan.
B . Install and test fire detection and suppression equipment.
C . Restrict access to tangible IT resources.
D . Ensure that at least one developer has access to both systems and operations.

Answer: D

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments