Question: Which of the following is the MOST important process that an information security manager needs to negotiate with an outsource service provider?
A.) The right to conduct independent security reviews
B.) A legally binding data protection agreement
C.) Encryption between the organization and the provider
D.) A joint risk assessment of the system

Download pdf (with explanations) edition of this exam.