CISA Certified Information Systems Auditor – Question0275

Which of the following findings should be an IS auditor’s GREATEST concern when reviewing an organization’s purchase of new IT infrastructure hardware?

A.
The new infrastructure arrived with default system settings.
B. The new infrastructure has residual risk within the organization’s risk tolerance.
C. The new infrastructure’s hardening requirements are stronger than required by policy.
D. The new infrastructure has compatibility issues with existing systems.

Correct Answer: D