An IS auditor is assessing an organization’s data loss prevention (DLP) solution for protecting intellectual property from insider theft. Which of the following would the auditor consider MOST important for effective data protection?
A. Employee training on information handling
B. Creation of DLP policies and procedures
C. Encryption of data copied to flash drives
D. Identification and classification of sensitive data
A. Employee training on information handling
B. Creation of DLP policies and procedures
C. Encryption of data copied to flash drives
D. Identification and classification of sensitive data