CISA Certified Information Systems Auditor – Question0822

A start-up organization wants to develop a data loss prevention program (DLP). The FIRST step should be to implement:

A.
data encryption.
B. access controls.
C. data classification.
D. security awareness training.

Correct Answer: C