IT Examiner School eBook

Internal Use Only

Knowledge Check

Which of the following is not a risk mitigation tool?

A. Independent Audits B. Policies, Standards, and Procedures C. System and Application monitoring D. Dual controls/separation of duties E. All of the above F. None of the above

23

Internal Use Only

Compliance

Gramm-Leach-Bliley Act • Interagency Guidelines Establishing Information Security Standards Fair and Accurate Credit Transactions Act ID Theft Prevention and Red Flags • Interagency Guidelines on Identity Theft Detection, Prevention & Mitigation