CISM Certified Information Security Manager – Question0714

Which of the following MUST be established before implementing a data loss prevention (DLP) system?

A.
Privacy impact assessment
B. A data backup policy
C. Data classification
D. A data recovery policy

Correct Answer: C