Certified Information Security Manager (CISM) — Question 403
A small organization with a limited budget hires a new information security manager, who finds that the same IT staff member is assigned the responsibilities of system administrator, security administrator, database administrator, and application administrator. What is the manager's BEST course of action?
Answer options
- A. Formally document IT administrator activities.
- B. Automate user provisioning activities.
- C. Maintain strict control over user provisioning activities.
- D. Implement monitoring of IT administrator activities.
Correct answer: D
Explanation
The best course of action is to implement monitoring of IT administrator activities so that the administrator's actions are tracked and potential security risks can be identified. With a limited budget, the four roles cannot be split among separate staff, so segregation of duties is not achievable and monitoring serves as the compensating control. Documenting activities, automating tasks, and controlling user provisioning are all important, but they do not provide the immediate oversight needed when responsibilities are concentrated in one individual.