Which of the following should be the Information Security Officer’s (ISO’s) recommendation?

The internal auditor at Company ABC has completed the annual audit of the company’s financial system. The audit report indicates that the accounts receivable department has not followed proper record disposal procedures during a COOP/BCP tabletop exercise involving manual processing of financial transactions.

Which of the following should be the Information Security Officer’s (ISO’s) recommendation? (Select TWO).
A . Wait for the external audit results
B . Perform another COOP exercise
C . Implement mandatory training
D . Destroy the financial transactions
E . Review company procedures

View Answer

Answer: C,E