An internal auditor is assessing the risks related to an organization's mobile device policy. She notes that the organization allows third parties (vendors and visitors) to use outside smart devices to access its proprietary networks and systems. Which of the following types of smart device risks should the internal auditor be most concerned about?
When an organization allows third parties to use their own smart devices to access its proprietary networks and systems, the most significant risk is related to privacy. Unauthorized access or data breaches can expose sensitive information, leading to privacy violations. This scenario represents a substantial risk to the confidentiality of the organization's data, which makes privacy a critical concern.
B seems more like the correct answer per this article: https://privacyrights.org/consumer-guides/bring-your-own-device-byod-your-own-risk
B is correct
Agree it's B. See GTAG: Auditing Smart devices.