Which of the following was the cause of this situation?

An organization was fined due to an audit finding that revealed a third-party vendor was able to see secured project information in a recently implemented system.

Which of the following was the cause of this situation?
A . The ticket system provided access by default without any approval.
B . The project manager did not perform proper project planning.
C . The system is lacking proper access controls.
D . Sensitive data was incorrectly classified during the audit process.

View Answer

Answer: C

Explanation:

The system is lacking proper access controls if a third-party vendor was able to see secured project information in a recently implemented system that resulted in a fine for the organization. Access controls are security mechanisms that regulate who or what can view, use, or modify data or resources in a system or network. Access controls typically involve authentication and authorization processes that verify the identity and permissions of users or devices before granting them access. Access controls can help to protect data confidentiality, integrity, and availability and prevent unauthorized access, misuse, or theft12