December 16, 2021 by Admin
An IS audit manager has been advised that hackers have entered the company’s e-commerce server a number of times in the past month. The IS audit group does not have the expertise necessary to investigate this situation. The IS audit manager should:
- obtain support by contracting external resources.
- have network security staff conduct the audit.
- have IS management proceed immediately with control self-assessment (CSA).
- decline the request on the basis that the staff is not prepared for the task.