During a security audit of IT processes, an IS auditor found that there was no documented security procedures. What should the IS auditor do?

Posted by: Pdfprep Category: 312-50v9 Tags: CEH V9, 312-50v9 exam questions, 312-50v9 practice exam Post Date: December 6, 2020

During a security audit of IT processes, an IS auditor found that there was no documented security procedures. What should the IS auditor do?
A . Terminate the audit.
B . Identify and evaluate existing practices.
C . Create a procedures document
D . Conduct compliance testing

Answer: B

Author

Pdfprep