New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Isaca CISA Exam - Topic 5 Question 22 Discussion

Actual exam question for Isaca's CISA exam
Question #: 22
Topic #: 5
[All CISA Questions]

A banking organization has outsourced its customer data processing facilities to an external service provider. Which of the following roles is accountable for ensuring the security of customer data?

Show Suggested Answer Hide Answer
Suggested Answer: D

by Garry at May 06, 2022, 10:46 AM

Limited Time Offer

25%

Off

Get Premium CISA Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Carrol
4 months ago
Isn't it a shared responsibility between the bank and the provider?
upvoted 0 times
...
Blondell
4 months ago
Wait, can the service provider really be trusted with our data?
upvoted 0 times
...
Vincenza
4 months ago
I think the vendor risk manager has a big role too.
upvoted 0 times
...
Devorah
4 months ago
Totally agree, they set the policies!
upvoted 0 times
...
Amie
5 months ago
The bank's senior management is ultimately accountable.
upvoted 0 times
...
Dominga
5 months ago
I’m leaning towards the bank's vendor risk manager, but I wonder if the service provider's data processor has any accountability in this situation.
upvoted 0 times
...
Catherin
5 months ago
I remember a practice question where the vendor risk manager had a significant role in overseeing third-party risks. Could that apply here?
upvoted 0 times
...
Nana
5 months ago
I think the bank's senior management should be accountable since they ultimately oversee all operations, but I'm not entirely sure.
upvoted 0 times
...
Kathryn
5 months ago
The service provider's data privacy officer sounds like a good choice, but I feel like the bank should have some responsibility too.
upvoted 0 times
...
Mindy
5 months ago
I think this is a straightforward question. The key is to identify the two products that are included in Microsoft Relationship Sales. I'll carefully review the options and select the correct answers.
upvoted 0 times
...
Deandrea
5 months ago
Hmm, this is a tricky one. I'm not totally sure, but I'm leaning towards identifying the business requirements for the data. That seems like it would be a key first step before deciding what to collect.
upvoted 0 times
...
Gail
5 months ago
This question reminds me of a similar one we practiced where the calculation results depended on previous data items. I wonder if that's the case here too.
upvoted 0 times
...
Sunny
5 months ago
Ah, I see now. The missing step is A - pulling/pushing the image to the Docker registry. That makes sense, as we need to get the container image into the right place before we can deploy it.
upvoted 0 times
...

Save Cancel