An IS auditor has assessed a payroll service provider’s security policy and finds significant topics are missing.
Which of the following is the auditor’s BEST course of action?
A . Recommend the service provider update their policy.
B . Notify the service provider of the discrepancies.
C . Report the risk to internal management.
D . Recommend replacement of the service provider.
Answer: C
Latest CISA Dumps Valid Version with 2694 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund