Certified Information Systems Auditor (CISA) — Question 439

Which of the following BEST protects an organization's proprietary code during a joint-development activity involving a third party?

Answer options

• A. Privacy agreement
• B. Statement of work (SOW)
• C. Nondisclosure agreement (NDA)
• D. Service level agreement (SLA)

Correct answer: C

Explanation

A Nondisclosure Agreement (NDA) is specifically designed to protect confidential information, making it the best choice for safeguarding proprietary code. While a Privacy Agreement focuses on personal data, a Statement of Work (SOW) outlines project details, and a Service Level Agreement (SLA) defines service expectations, none of these provide the same level of confidentiality as an NDA.