Which of the following should be of GREATEST concern to the auditor?

During an audit of information security procedures of a large retailer’s online store, an IS auditor notes that operating system (OS) patches are automatically deployed upon release.

Which of the following should be of GREATEST concern to the auditor?
A . Patches are in conflict with current licensing agreements.
B . Patches are pushed from the vendor increasing Internet traffic.
C . Patches are not reflected in the configuration management database.
D . Patches are not tested before installation on critical servers.

View Answer

Answer: D