December 10, 2021 by Admin
Following a major IT incident that resulted in a loss to the enterprise, a CIO is preparing for a meeting with the board of directors to discuss what may have failed internally. Which of the following should the CIO do FIRST to provide assurance to the board?
- Review the IT control environment.
- Ensure IT and enterprise risk management alignment.
- Review the incident response policy.
- Verify continuous monitoring is being performed.