🔥 3-day streak
ISACA CISM — Certified Information Security Manager62 / 121
Question 62 of 121

An organization is finalizing a contract with a SaaS provider that will process sensitive customer data. During review, the information security manager notices the agreement contains no provision allowing the organization to validate the vendor's ongoing security posture. Which contractual element is MOST important to add before signing?

Reviewed for accuracy · Report an issueNext question