A security company and service provider have merged, and the CEO has requested one comprehensive set of security policies be developed for the newly formed company. The IS auditor’s BEST recommendation would be to:
A. conduct a policy gap assessment.
B. adopt an industry standard security policy.
C. implement the service provider’s policies.
D. implement the security company’s policies.
A. conduct a policy gap assessment.
B. adopt an industry standard security policy.
C. implement the service provider’s policies.
D. implement the security company’s policies.