Question: 10. Perfect compliance with an IT Control Framework is not a guarantee of security because: The EU's General Data Protection Regulation superseded all other frameworks
10. Perfect compliance with an IT Control Framework is not a guarantee of security because:
| The EU's General Data Protection Regulation superseded all other frameworks | ||
| They do not address the Internet of Things (IoT) | ||
| None of the current IT Control Framework are certified by the US Federal Govt | ||
| New threats and vulnerabilities are constantly emerging |
11. During a physical security walkthrough, Elijah observed an employee step away from their desk for a couple of minutes. In the process, they left sensitive paper documents on their desk and on the screen of their unlocked computer. The employee's desk was located in a room that was open to the public and no other workers were present. In previous visits, Elijah had not noticed any problems of this type. When Elijah mentioned his observation to the employee, they stated they had only planned to be away for a few seconds to get a print-out, but that the printer jammed and it took a while to clear the problem. Logan suggested the employee be more careful in the future and made no notes on his work papers. Logan has issued what kind of finding?
| Minor Report Finding | ||
| Management Letter Finding | ||
| Personal Finding | ||
| Major Report Finding |
Step by Step Solution
There are 3 Steps involved in it
Get step-by-step solutions from verified subject matter experts
Study Help