Which of the following MUST be verified by the Information Security Department?

CISSP 0 Comments

An organization is selecting a service provider to assist in the consolidation of multiple computing sites including development, implementation and ongoing support of various computer systems.

Which of the following MUST be verified by the Information Security Department?
A . The service provider’s policies are consistent with ISO/IEC27001 and there is evidence that the service provider is following those policies.
B . The service provider will segregate the data within its systems and ensure that each region’s policies are met.
C . The service provider will impose controls and protections that meet or exceed the current systems controls and produce audit logs as verification.
D . The service provider’s policies can meet the requirements imposed by the new environment even if they differ from the organization’s current policies.

Answer: D

Latest CISSP Dumps Valid Version with 981 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download CISSP PDF     CISSP Questions Online Training
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments