CISA Certified Information Systems Auditor – Question2106

To protect information assets, which of the following should be done FIRST?

A.
Restrict access to data
B. Encrypt data
C. Classify data
D. Back up data

Correct Answer: C