Exin ISMP Exam - Topic 3 Question 20 Discussion

Actual exam question for Exin's ISMP exam

Question #: 20
Topic #: 3

[All ISMP Questions]

Security monitoring is an important control measure to make sure that the required security level is maintained. In order to realize 24/7 availability of the service, this service is outsourced to a partner in the cloud.

What should be an important control in the contract?

AThe network communication channel is secured by using encryption.

CThe third party is certified for adhering to privacy protection controls.

BThe third party is certified against ISO/IEC 27001.

DYour IT auditor has the right to audit the external party's service management processes.

Show Suggested Answer

Suggested Answer: D

by Leeann at Jan 24, 2026, 08:59 AM

Limited Time Offer

25%

Off

Get Premium ISMP Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Augustine

7 days ago

I'm not entirely sure, but I remember something about including incident response times in the contract. That seems crucial for security monitoring.

upvoted 0 times

...

Brigette

13 days ago

I think one important control in the contract should be the Service Level Agreement (SLA) that specifies uptime guarantees.

upvoted 0 times

...

Glenn

18 days ago

The big thing for me would be access controls and privileged user management. Gotta make sure only authorized personnel can access the security data.

upvoted 0 times

...

Aliza

23 days ago

I'm a bit unsure on this one. Maybe I'd ask about how the cloud provider will ensure 24/7 availability and redundancy of the security monitoring service.

upvoted 0 times

...