Due to budget constraints, an internal IT application does not include the necessary controls to meet a client service level agreement (SLA).
Which of the following is the information security manager’s BEST course of action?
A. Inform the legal department of the deficiency.
B. Analyze and report the issue to senior management.
C. Require the application owner to implement the controls.
D. Assess and present the risks to the application owner.
Which of the following is the information security manager’s BEST course of action?
A. Inform the legal department of the deficiency.
B. Analyze and report the issue to senior management.
C. Require the application owner to implement the controls.
D. Assess and present the risks to the application owner.