CISA Certified Information Systems Auditor – Question1140

Which of the following is the MOST effective control in an organization to mitigate the risk of insider misuse of personal devices?

A.
Security risk assessments
B. Periodic vulnerability scanning
C. Security awareness training
D. Comprehensive procedures on data security

Correct Answer: D