Which of the following is MOST important for the IS auditor to verify when reviewing the development process of a security policy?

December 17, 2021 by Admin

Which of the following is MOST important for the IS auditor to verify when reviewing the development process of a security policy?

  • Evidence of active involvement of key stakeholders
  • Output from the enterprise’s risk management system
  • Identification of the control framework
  • Evidence of management approval

Leave a Reply