CISA Certified Information Systems Auditor – Question1435

Which of the following provides the framework for designing and developing logical access controls?

A.
Information systems security policy
B. Access control lists
C. Password management
D. System configuration files

Correct Answer: A

Explanation:

Explanation:
The information systems security policy developed and approved by an organization’s top management is the basis upon which logical access control is designed and developed. Access control lists, password management and systems configuration files are tools for implementing the access controls.