Following a recent internal data breach, an IS auditor was asked to evaluate information security practices within the organization. Which of the following findings would be MOST important to report to senior management?
A. Employees are not required to sign a non-compete agreement.
B. Security education and awareness workshops have not been completed.
C. Users lack technical knowledge related to security and data protection.
D. Desktop passwords do not require special characters.
A. Employees are not required to sign a non-compete agreement.
B. Security education and awareness workshops have not been completed.
C. Users lack technical knowledge related to security and data protection.
D. Desktop passwords do not require special characters.