Improving Accountability for System Administrators in Information Security | CISM Exam Preparation

Best Option to Improve Accountability for a System Administrator with Security Functions

Prev Question Next Question

Question

Which of the following would be the BEST option to improve accountability for a system administrator who has security functions?

Answers

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D.

A.

The first step to improve accountability is to include security responsibilities in a job description.

This documents what is expected and approved by the organization.

The other choices are methods to ensure that the system administrator has the training to fulfill the responsibilities included in the job description.

Of the options provided, the best option to improve accountability for a system administrator who has security functions would be A: including security responsibilities in the job description. This is because including security responsibilities in the job description makes it clear to the administrator that security is a core aspect of their job responsibilities and that they are accountable for it.

While options B, C, and D may also contribute to improving accountability, they are not as effective as option A. Requiring the administrator to obtain security certification may improve their knowledge and skills, but it does not necessarily guarantee that they will apply this knowledge effectively. Training the administrator on penetration testing and vulnerability assessment or risk assessment may also improve their skills, but it does not necessarily make them accountable for the security of the system.

It is important to note that improving accountability for security functions is a multifaceted process that involves various measures, including clearly defining roles and responsibilities, implementing security policies and procedures, conducting regular security assessments, and providing ongoing training and support.