Certified Information Systems Auditor (CISA) — Question 155

Which of the following is MOST effective for controlling visitor access to a data center?

Answer options

• A. Visitors sign in at the front desk upon arrival
• B. Pre-approval of entry requests
• C. Visitors are escorted by an authorized employee
• D. Closed-circuit television (CCTV) is used to monitor the facilities

Correct answer: C

Explanation

Option C is the best choice because having visitors escorted by an authorized employee ensures direct supervision and accountability, minimizing the risk of unauthorized access. While options A and B provide some level of control, they do not offer the same immediate oversight. Option D, although useful for monitoring, does not prevent unauthorized access by itself.