Certified Information Systems Auditor (CISA) — Question 460

An employee has accidentally posted confidential data to the company's social media page. Which of the following is the BEST control to prevent this from recurring?

Answer options

• A. Establish two-factor access control for social media accounts.
• B. Implement a moderator approval process.
• C. Require all updates to be made by the marketing director.
• D. Perform periodic audits of social media updates.

Correct answer: B

Explanation

The correct answer is B, as implementing a moderator approval process ensures that all content is reviewed before it goes live, which significantly reduces the risk of accidental postings of sensitive information. Options A and C may enhance security but do not directly prevent the posting of confidential data, while option D focuses on after-the-fact checks rather than proactive prevention.