Mysystem.org IT ExamsCISM Question 163 2017-04-06
Question: An organization plans to outsource its customer relationship management (CRM) to a third-party service provider. Which of the following should the organization do FIRST?
A.) Request that the third-party provider perform background checks on their employees.
Answer ==> B.) Perform an internal risk assessment to determine needed controls.
C.) Audit the third-party provider to evaluate their security controls.
D.) Perform a security assessment to detect security vulnerabilities.