CISM Certified Information Security Manager – Question1038

Which of the following would BEST help to ensure compliance with an organization’s information security requirements by an IT service provider?

A.
Requiring an external security audit of the IT service provider
B. Defining information security requirements with internal IT
C. Requiring regular reporting from the IT service provider
D. Defining the business recovery plan with the IT service provider

Correct Answer: A