Certified Information Systems Auditor (CISA) — Question 1438

Which of the following would an IS auditor recommend as the MOST effective preventive control to reduce the risk of data leakage?

Answer options

• A. Validate that all data files contain digital watermarks.
• B. Implement an intrusion detection system (IDS).
• C. Ensure that paper documents are disposed securely.
• D. Verify that application logs capture any changes made.

Correct answer: A

Explanation

The most effective preventive control for reducing the risk of data leakage is to validate that all data files contain digital watermarks, as this helps track and protect sensitive information. An IDS detects intrusions but does not prevent data from being leaked. Secure disposal of paper documents and capturing changes in application logs are important but do not directly prevent data leakage.