Certified Information Systems Auditor (CISA) — Question 557

Which of the following information security requirements BEST enables the tracking of organizational data in a bring your own device (BYOD) environment?

Answer options

• A. Employees must immediately report lost or stolen mobile devices containing organizational data.
• B. Employees must use auto-lock features and complex passwords on personal devices.
• C. Employees must sign acknowledgment of the organization's mobile device acceptable use policy.
• D. Employees must enroll their personal devices in the organization's mobile device management program.

Correct answer: D

Explanation

The correct answer is D because enrolling personal devices in the organization's mobile device management program allows for comprehensive tracking and management of organizational data. Options A, B, and C, while important for security, do not provide the same level of oversight or control over the devices and data as option D does.