Certified in Risk and Information Systems Control (CRISC) — Question 178

Which of the following BEST indicates the effectiveness of an organization's data loss prevention (DLP) program?

Answer options

• A. Reduction in financial impact associated with data loss incidents
• B. Reduction in the number of false positives and false negatives
• C. Reduction in the number of approved exceptions to the DLP policy
• D. Reduction in the severity of detected data loss events

Correct answer: B

Explanation

Option B is correct because a reduction in false positives and false negatives directly indicates that the DLP program is accurately identifying threats and reducing unnecessary alerts. The other options, while relevant to data loss, do not directly measure the accuracy and effectiveness of the DLP's detection capabilities.