CISA Certified Information Systems Auditor – Question0613

Which of the following is the BEST way to demonstrate to senior management that organizational security practices comply with industry standards?

A.
A report on the maturity of controls
B. Up-to-date policy and procedures documentation
C. Existence of an industry-accepted framework
D. Results of an independent assessment

Correct Answer: D