IT service engineers at a large organization are unable to effectively prioritize system-generated alerts from hundreds of applications running across multiple servers and databases.
As a result, many alerts are often ignored, leading to major problems including downtime.
Which of the following is the BEST IS audit recommendation to address this situation?
Click on the arrows to vote for the correct answer
A. B. C. D.D.
The best IS audit recommendation to address the situation where IT service engineers are unable to effectively prioritize system-generated alerts from hundreds of applications running across multiple servers and databases is to develop a classification scheme that prioritizes alerts according to potential business impact. Option C is, therefore, the correct answer.
Explanation:
Option A is incorrect because prioritizing alerts from legacy applications that may require remote support from external vendors alone does not address the larger issue of prioritizing all alerts generated by hundreds of applications. The recommendation is too narrow in scope and does not cover alerts from other applications that may also require immediate attention.
Option B is also incorrect because implementing a threshold management system that prioritizes alerts over a certain age does not take into account the potential impact of the alert on the business. Some alerts, regardless of age, may have a more significant impact on business operations and need to be addressed immediately.
Option D is not the best recommendation because grouping alerts from related systems and immediately escalating them to the application owner does not take into account the potential impact of the alert on the business. Alert grouping does not provide a clear picture of which alerts should be addressed first and can result in alerts being overlooked or ignored.
Developing a classification scheme that prioritizes alerts according to potential business impact is the best recommendation because it ensures that IT service engineers are aware of which alerts should be addressed first, based on their potential impact on business operations. This recommendation requires an assessment of the criticality of each application and the potential impact of alerts generated by these applications on the organization. It allows for a prioritization process that is tailored to the organization's needs and provides a clear understanding of which alerts require immediate attention.