Certified Information Systems Auditor (CISA) — Question 847

During an organization's implementation of a data loss prevention (DLP) solution, which of the following activities should be completed FIRST?

Answer options

• A. Configuring rule sets
• B. Enabling detection points
• C. Establishing exceptions workflow
• D. Configuring reports

Correct answer: B

Explanation

The first step in implementing a DLP solution is to enable detection points, as these are essential for identifying potential data loss incidents. Without detection points, the subsequent steps like configuring rule sets or establishing workflows would lack context and effectiveness. The other options are important but depend on having detection points in place first.