CISA Exam - Question 354

A as per https://www.isaca.org/resources/isaca-journal/issues/2017/volume-4/mobile-workforce-security-considerations-and-privacy#:~:text=The%20biggest%20risk%20in%20this,possession%20of%20the%20remote%20employees.

Should be A

An Information Systems (IS) auditor would consider the greatest risk associated with a mobile workforce environment to be security. A mobile workforce environment increases the risk of unauthorized access to sensitive information, loss of data due to device theft or loss, and exposure to malware and other cyber threats. To address these risks, an IS auditor would recommend implementing strong security controls such as encryption, remote wipe, and two-factor authentication to ensure the protection of sensitive information. They may also suggest conducting regular security audits and training employees on best practices for mobile device security.

a is answer

Loss or damage to the organization's assets

A. Loss or damage to the organization's assets

In a mobile workforce environment, employees often use various mobile devices and access corporate resources remotely. This increases the risk of loss or damage to the organization's assets, including sensitive data, intellectual property, and physical devices. Mobile devices are more prone to loss or theft due to their portability, and if they contain sensitive corporate information, such incidents can have significant consequences for the organization, including financial losses, reputational damage, and regulatory penalties.