CISA Certified Information Systems Auditor – Question1181

Which of the following should be PRIMARILY included in a security training program for business process owners?

A.
Application vulnerabilities
B. List of security incidents reported
C. Application recovery time
D. Impact of security risks

Correct Answer: D