Are you studying for the CISA certification?

Skillset can help you prepare! Sign up for your free Skillset account and take the first steps towards your certification.

Upgrade Account

In the course of performing an Information Security audit an auditor confirms that the organization has an enterprise information security policy. However, interviews indicate that not all employees are aware of the organization's information security policy. What conclusion should the auditor make regarding this finding?

This lack of knowledge may lead to unintentional disclosure of sensitive information.

IS audit should provide mandatory security training to the employees.

Information security is not viewed as critical to all functions.

The audit finding will cause management to enhance training to staff.

Explanation

Directory

Skillset helps you pass your certification exam.

Contributions and Interactions
Practice Questions

Study thousands of practice questions that organized by skills and ranked by difficulty.

Contributions and Interactions
Personalized Training

Create a tailored training plan based on the knowledge you already possess.

Training Video Selector
Exam Readiness

Know when you’re ready for the high-stakes exam. Have the confidence that you will pass on your first attempt.

Get A Free Skillset Account