What is the BEST course of action when an information security manager finds an external service provider has not implemented adequate controls for safeguarding the organization’s critical data?

What is the BEST course of action when an information security manager finds an external service provider has not implemented adequate controls for safeguarding the organization’s critical data?

December 23, 2021 by Admin

What is the BEST course of action when an information security manager finds an external service provider has not implemented adequate controls for safeguarding the organization’s critical data?

Assess the impact of the control gap.
Initiate contract renegotiations.
Purchase additional insurance.
Conduct a controls audit of the provider.

Leave a Reply Cancel reply

×