CRISC Certified in Risk and Information Systems Control – Question300

Sensitive data has been lost after an employee inadvertently removed a file from the premises, in violation of organizational policy. Which of the following controls MOST likely failed?

A.
Background checks
B. Awareness training
C. User access
D. Policy management

Correct Answer: B