CISM Certified Information Security Manager – Question1131

Which of the following is the BEST approach for an organization desiring to protect its intellectual property?

A.
Conduct awareness sessions on intellectual property policy
B. Require all employees to sign a nondisclosure agreement
C. Promptly remove all access when an employee leaves the organization
D. Restrict access to a need-to-know basis

Correct Answer: D

Explanation:

Explanation:
Security awareness regarding intellectual property policy will not prevent violations of this policy. Requiring all employees to sign a nondisclosure agreement and promptly removing all access when an employee leaves the organization are good controls, but not as effective as restricting access to a need-to- know basis.