Certified in Risk and Information Systems Control (CRISC) — Question 949

Which of the following is the PRIMARY reason for an organization to include an acceptable use banner when users log in?

Answer options

• A. To enable rapid discovery of insider threat
• B. To reduce the likelihood of insider threat
• C. To eliminate the possibility of insider threat
• D. To reduce the impact of insider threat

Correct answer: B

Explanation

The correct answer is B because an acceptable use banner serves as a reminder to users about proper conduct, which can help deter malicious actions. Options A and D focus on detection and impact reduction, but do not address prevention. Option C suggests that insider threats can be completely eliminated, which is unrealistic.