An IS auditor finds that firewalls are outdated and not supported by vendors. Which of the following should be the auditor’s NEXT course of action?
A. Determine the value of the firewall.
B. Report the security posture of the organization.
C. Report the mitigating controls.
D. Determine the risk of not replacing the firewall.
A. Determine the value of the firewall.
B. Report the security posture of the organization.
C. Report the mitigating controls.
D. Determine the risk of not replacing the firewall.