CISM Certified Information Security Manager – Question0841

Of the following, who should have PRIMARY responsibility for assessing the security risk associated with an outsourced cloud provider contract?

A.
Information security manager
B. Compliance manager
C. Chief information officer
D. Service delivery manager

Correct Answer: D