Answered step by step
Verified Expert Solution
Question
1 Approved Answer
QUESTION 23 The internal audit function in a Fortune 1000 company recently completed an audit of vulnerability management. One of the test objectives included
QUESTION 23 The internal audit function in a Fortune 1000 company recently completed an audit of vulnerability management. One of the test objectives included testing that IT operations complied with the policy requiring that all network facing technology assets (high-risk assets) be patched within 15 days of availability of the patch. Based on the audit results it appears that exception rate of patches tested is 25%. What recommendation should the auditor include in the internal audit report? A new control is needed for vulnerability management O The control is excessive and should be changed to the industry average of 30 days O Limit assets subject to the policy to enhance compliance O The control is ineffective and needs to be corrected
Step by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started
Accounting Introduction To Financial Accounting
Authors: Henry Dauderis, David Annand
1st Edition
1517089719, 978-1517089719
