Certified Information Systems Auditor (CISA) — Question 138

Which of the following would BEST enable an organization to address the security risks associated with a recently implemented bring your own device (BYOD) strategy?

Answer options

• A. Mobile device testing program
• B. Mobile device upgrade program
• C. Mobile device awareness program
• D. Mobile device tracking program

Correct answer: C

Explanation

A mobile device awareness program is crucial as it educates employees about potential security threats and safe practices while using their devices. The other options, while beneficial, do not directly address the need for awareness and education regarding security risks associated with BYOD, making them less effective in this context.