CRISC Certified in Risk and Information Systems Control – Question549

An organization uses a vendor to destroy hard drives. Which of the following would BEST reduce the risk of data leakage?

A.
Implement an encryption policy for the hard drives
B. Require the vendor to degauss the hard drives
C. Use an accredited vendor to dispose of the hard drives
D. Require confirmation of destruction from the IT manager

Correct Answer: D