A company is concerned with supply chain compromise of new servers and wants to limit this risk. Which of the following should the company review first?

Rationale

Acquisition process

The acquisition process is the most critical stage for a company aiming to limit supply chain risks, as it involves the initial selection and procurement of servers from suppliers. By thoroughly reviewing this process, the company can ensure that they are sourcing from reputable vendors and implementing appropriate security measures from the outset.

A (Sanitization procedure) YOUR ANSWER

The sanitization procedure is important for ensuring that data is properly erased from devices before disposal or reuse. However, it addresses risks associated with data security post-acquisition rather than supply chain vulnerabilities during the procurement of new servers. Therefore, while vital, it is not the first step in mitigating supply chain compromise.

B (Acquisition process) CORRECT

As previously stated, the acquisition process is foundational in mitigating supply chain risks. It sets the stage for all subsequent security measures and determines the quality and reliability of the hardware sourced. A thorough review of this process can uncover potential vulnerabilities in vendor selection, contractual agreements, and compliance with security standards.

C (Change management) YOUR ANSWER

Change management focuses on how changes to systems and processes are handled within an organization. While it is essential for maintaining security and operational integrity after systems are in place, it does not directly address the initial risks associated with acquiring new servers. Thus, it is not the immediate concern when looking to limit supply chain compromise.

D (Asset tracking) YOUR ANSWER

Asset tracking involves monitoring and managing company assets throughout their lifecycle. While it contributes to security and accountability, it primarily deals with the management of assets post-acquisition. Therefore, it is not the first line of defense against supply chain risks, which originate during the acquisition phase.

Conclusion

To effectively mitigate supply chain risks associated with new servers, a company should prioritize reviewing its acquisition process. This initial step is essential for establishing a secure foundation, ensuring that only reputable vendors are chosen, and that appropriate security protocols are in place before any hardware is integrated into the system. Other processes like sanitization, change management, and asset tracking play crucial roles but come after the acquisition phase in the risk management hierarchy.

A company is concerned with supply chain compromise of new servers and wants to limit this risk. Which of the following should the company review first?

Acquisition process

Related Questions

Related Quizzes

How familiar were you with this question?

Report an Issue

Rate this Practice Test