Which of the following would BEST provide an information security manager with sufficient assurance that a service provider complies with organization’s information security requirements?
A. A live demonstration of the third-party supplier’s security capabilities
B. Third-party security control self-assessment results
C. An independent review report indicating compliance with industry standards
D. The ability to audit the third-party supplier’s IT systems and processes
A. A live demonstration of the third-party supplier’s security capabilities
B. Third-party security control self-assessment results
C. An independent review report indicating compliance with industry standards
D. The ability to audit the third-party supplier’s IT systems and processes