When an organization is setting up a relationship with a third-party IT service provider, which of the following is one of the MOST important topics to include in the contract from a security standpoint?
A. Compliance with international security standards.
B. Use of a two-factor authentication system.
C. Existence of an alternate hot site in case of business disruption.
D. Compliance with the organization's information security requirements.
Explanation:
From a security standpoint, compliance with the organization's information security requirements is one of the most important topics that should be included in the contract with a third-party service provider. The scope of implemented controls in any ISO 27001-compliant organization depends on the security requirements established by each organization. Requiring compliance only with this security standard does not guarantee that a service provider complies with the organization's security requirements. The requirement to use a specific kind of control methodology is not usually stated in the contract with third-party service providers.