Certified Information Systems Auditor (CISA) — Question 1325

Which of the following is a deterrent security control that reduces the likelihood of an insider threat event?

Answer options

• A. Removing malicious code
• B. Distributing disciplinary policies
• C. Creating contingency plans
• D. Executing data recovery procedures

Correct answer: B

Explanation

The correct answer, B, refers to the importance of having clear disciplinary policies in place, which can deter employees from engaging in malicious activities. Options A, C, and D focus on reactive or corrective measures rather than proactive deterrence against insider threats.