Who should authorize changing this threshold?

Posted by: Pdfprep Category: CRISC Tags: , , Post Date: October 29, 2020

An organization has implemented a preventive control to lock user accounts after three unsuccessful login attempts. This practice has been proven to be unproductive, and a change in the control threshold value has been recommended.

Who should authorize changing this threshold?
A . Control owner
B . IT security manager
C . Risk owner
D . IT system owner

Answer: A

Author

Leave a Reply

Your email address will not be published.