CISA Certified Information Systems Auditor – Question2763
An IS auditor reviewing an outsourcing contract of IT facilities would expect it to define the: A. hardware configuration. B. access control software. C. ownership of intellectual property. D. application development methodology.
Correct Answer: C
Explanation:
Explanation:
Of the choices, the hardware and access control software is generally irrelevant as long as the functionality, availability and security can be affected, which are specific contractual obligations. Similarly, the development methodology should be of no real concern. The contract must, however, specify who owns the intellectual property (i.e., information being processed, application programs). Ownership of intellectual property will have a significant cost and is a key aspect to be defined in an outsourcing contract.
Please disable your adblocker or whitelist this site!