Certified Information Systems Auditor (CISA) — Question 1015

Which of the following BEST facilitates compliance with requirements mandating the security of confidential data?

Answer options

• A. Encryption of external data transmissions
• B. Standardized escalation protocols for breaches
• C. Classification of data
• D. Signed acknowledgment of security policies

Correct answer: C

Explanation

The correct answer is C, as classifying data helps identify which information is sensitive and requires protection, thereby aiding in compliance. While encryption (A) secures data in transit, it does not address all compliance needs. Standardized protocols for breaches (B) are important for response but do not prevent data exposure, and signed acknowledgments (D) are only formal agreements, lacking the proactive measures necessary for compliance.