CRISC Certified in Risk and Information Systems Control – Question424

Before implementing instant messaging within an organization using a public solution, which of the following should be in place to mitigate data leakage risk?

A.
An access control list
B. An acceptable usage policy
C. An intrusion detection system (IDS)
D. A data extraction tool

Correct Answer: B