CompTIA CASP+ (CAS-004) — Question 263

An internal security assessor identified large gaps in a company’s IT asset inventory system during a monthly asset review. The assessor is aware of an external audit that is underway. In an effort to avoid external findings, the assessor chooses not to report the gaps in the inventory system. Which of the following legal considerations is the assessor directly violating?

Answer options

• A. Due care
• B. Due diligence
• C. Due process
• D. Due notice

Correct answer: A

Explanation

The correct answer is A, due care, as it refers to the responsibility to act with a reasonable level of caution and attention in managing an organization’s assets. By choosing not to report the gaps, the assessor is failing to uphold this obligation. Options B, C, and D are not directly applicable in this context, as they pertain to different legal standards and procedures.