CISA Certified Information Systems Auditor – Question2040

When providing a vendor with data containing personally identifiable information (PII) for offsite testing, the data should be:

A. current
B. encrypted.
C. sanitized.
D. backed up.

Correct Answer: B