CISA Certified Information Systems Auditor – Question1343

What is the PRIMARY objective of performing a vulnerability assessment following a business system update?

A.
Update the threat landscape
B. Review the effectiveness of controls
C. Determine operational losses
D. Improve the change control process

Correct Answer: D