CISA Certified Information Systems Auditor – Question2641

Which of the following would be MOST important to include in a data security policy to adequately manage the privacy of customer information?

A.
Information classification criteria
B. Encryption technology
C. Backup strategy
D. Data ownership

Correct Answer: A