Addressing Hackers' Infiltration: Expertise Gap and IS Audit Manager's Role

A.

The correct answer is A. obtain support by contracting external resources.

Explanation: In this scenario, it is clear that the IS audit group lacks the expertise required to investigate the situation where hackers have entered the company's e-commerce server multiple times in the past month. The IS audit manager has the responsibility to take appropriate measures to address this situation.

Option B suggests having network security staff conduct the audit, but it is not clear if the organization has such staff and whether they have the necessary skills to handle the situation.

Option C suggests having IS management proceed immediately with control self-assessment (CSA), but this option is not appropriate as it does not address the issue at hand, which is the potential security breach caused by hackers.

Option D suggests declining the request on the basis that the staff is not prepared for the task, which is not a proactive approach to solving the problem.

Therefore, the best course of action for the IS audit manager is to obtain support by contracting external resources who have the necessary expertise to investigate the situation and recommend appropriate measures to address the potential security breach caused by hackers. This approach would help the organization to identify the root cause of the issue and take proactive measures to prevent future incidents.