CISA Certified Information Systems Auditor – Question2060

Which of the following is MOST appropriate to prevent unauthorized retrieval of confidential information stored in a business application system?

A.
Apply single sign-on for access control.
B. Enforce an internal data access policy.
C. Enforce the use of digital signatures.
D. Implement segregation of duties.

Correct Answer: B