An infrastructure team is at the end of a procurement process and has selected a vendor. As part of the final negotiation, there are a number of outstanding issues, including: 1. Indemnity clauses have identified the maximum liability. 2. The data will be hosted and managed outside of the company's geographical location. The number of users accessing the system will be small, and no sensitive data will be hosted in the solution. As the security consultant of the project, which of the following should the project's security consultant recommend as the NEXT step?
A) Develop a security exemption, as it does not meet the security policies.
B) Require the solution owner to accept the identified risks and consequences.
C) Mitigate the risk by asking the vendor to accept the in-country privacy principles.
D) Review the procurement process to determine the lessons learned.
Correct Answer:
Verified
Q251: A penetration testing manager is contributing to
Q252: A laptop is recovered a few days
Q253: A request has been approved for a
Q254: A financial institution's information security officer is
Q255: An infrastructure team within an energy organization
Q257: A security analyst works for a defense
Q258: An organization is deploying IoT locks, sensors,
Q259: A large, public university has recently been
Q260: An external red team member conducts a
Q261: During a sprint, developers are responsible for
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents