What is the BEST way for an IS auditor to test the effectiveness of physical security controls for an organization's data center?
What is the BEST way for an IS auditor to test the effectiveness of physical security controls for an organization's data center?
Conducting an onsite inspection of physical security at the data center is the best way for an IS auditor to test the effectiveness of physical security controls. This method allows the auditor to directly observe and evaluate all aspects of security, including entrance controls, surveillance systems, physical barriers, and any potential vulnerabilities. It provides a comprehensive understanding of how these controls function in practice, ensuring they meet the required standards and protect the data center effectively.
C. Conduct an onsite inspection of physical security at the data center
An onsite inspection allows the auditor to directly observe and evaluate the various layers of physical security controls