Your company is about to upgrade it databases through a third party. You have been asked to ensure that no sensitive information is compromised throughout the project. The project manager must also ensure that internal controls are set to mitigate the potential damage that one individual's actions may cause. Which of the following needs to be put in place to make certain both organizational
requirements are met?
A. job rotation and NDA
B. job rotation and MOU
C. separation of duties and NDA
D. separation of duties and MOU
C
Explanation: To make certain that both organizational requirements are met, you should implement separation of duties and a non-disclosure agreement (NDA).
While job rotation is important, separation of duties is more important. A memorandum of understanding (MOU) is an agreement between two companies that defines the services each will provide the other.
You might also like to view...
Which of the following is not a standard that is referenced or has a correlation with the ISO 12207 regarding quality management processes?
A. ISO/IEC 15288 B. ISO/IEC 15504 C. ISO 9001:2000 D. ISO 8001:2004
Answer the following statements true (T) or false (F)
1. A function call is a valid statement 2. A user-defined function can call library functions or user-defined functions 3. An actual output argument must be of the same pointer data type as the corresponding formal parameter. 4. Insertion of stubs is a part of top-down testing 5. An expression cannot be used as an actual argument in a call to a function.
The caption-position property is used to position a caption above or below a table.
Answer the following statement true (T) or false (F)
Intrusion detection is an example of a strategy for improving system survivability based on knowledge gained from intrusions.
Answer the following statement true (T) or false (F)