An infrastructure team is at the end of a procurement process and has selected a vendor. As part of the final negotiations, there are a number of outstanding issues, including: 1. Indemnity clauses have identified the maximum liability 2. The data will be hosted and managed outside of the company's geographical location The number of users accessing the system will be small, and no sensitive data will be hosted in the solution. As the security consultant on the project, which of the following should the project's security consultant recommend as the NEXT step?
A) Develop a security exemption, as it does not meet the security policies
B) Mitigate the risk by asking the vendor to accept the in-country privacy principles
C) Require the solution owner to accept the identified risks and consequences
D) Review the entire procurement process to determine the lessons learned
Correct Answer:
Verified
Q1: An internal penetration tester was assessing a
Q2: A company has hired an external security
Q4: A financial consulting firm recently recovered from
Q5: A recent penetration test identified that a
Q6: A systems security engineer is assisting an
Q7: The Chief Information Security Officer (CISO) for
Q8: A user workstation was infected with a
Q9: An organization is in the process of
Q10: During a security assessment, an organization is
Q11: To prepare for an upcoming audit, the
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents