CISA Certified Information Systems Auditor – Question0175

An IS auditor finds that confidential company data has been inadvertently leaked through social engineering. The MOST effective way to help prevent a recurrence of this issue is to implement:

A.
penalties to staff for security policy breaches.
B. a third-party intrusion prevention solution.
C. a security awareness program.
D. data loss prevention (DLP) software.

Correct Answer: C