CISSP PRACTICE QUESTIONS – 20201213

Which of the following is the best role responsible for ensuring compliance in an organization with laws and regulations, industrial standards, contractual requirements, organizational policies, and code of ethics through independent assessments?
A. Senior management
B. The board of directors
C. First-tier customers
D. Audit committee

Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.

My suggested answer is D. Audit committee.

The head of the internal audit department typically reports functionally to the audit committee of the board of directors, with administrative reporting to the chief executive officer. His or her job title can be chief audit executive (CAE), director of (internal) audit, auditor general, or controller general.

The role of the audit committee

* Oversight of financial reporting and related internal controls
* Review of filings and earnings releases
* Risk oversight
* Oversight of the independent auditor
* Ethics and compliance
* Oversight of internal audit
* Other interactions with management and the board
* Audit committee external communications

Source: Deloitte

A BLUEPRINT FOR YOUR SUCCESS IN CISSP

My new book, The Effective CISSP: Security and Risk Management, helps CISSP aspirants build a solid conceptual security model. It is not only a tutorial for information security but also a study guide for the CISSP exam and an informative reference for security professionals.

Which of the following is the best role responsible for ensuring, through independent assessments, that the organization complies with laws and regulations, industrial standards, contractual requirements, organizational policies, and codes of ethics?
A. Senior management
B. The board of directors
C. Key first-tier customers
D. Audit committee