
CISA Exam - Question 238


An organization allows employees to use personally owned mobile devices to access customers' personal information. Which of the following is MOST important for an IS auditor to verify?

Correct Answer: AD

When employees are allowed to use personally owned mobile devices to access customers' personal information, the priority must be to ensure that the information is secure and protected from unauthorized access. Implementing mobile device security policies is the most important action an organization can take to safeguard sensitive data. These policies can address various aspects such as encryption, password management, remote wipe capabilities, and other security measures that are crucial for maintaining data integrity and confidentiality. This is more critical than simply having employees sign an acceptable use policy or checking device compatibility and storage capabilities.

Discussion

10 comments
007Georgeo (Option: D)
May 5, 2023

Allowing employees to use personally owned mobile devices to access customers' personal information can increase the risk of unauthorized access or disclosure of the information. Therefore, it is critical that the organization implements appropriate security policies and controls to protect the information.

MunaM (Option: D)
Sep 8, 2022

Seems answer is D

[Removed] (Option: A)
Dec 13, 2023

An employee BYOD agreement or acceptable use agreement (AUA) should require the employee to agree with the items in the policy before the device can be used for business purposes. Since it's a personal device and not a company mobile device, enforcing security policies might not be possible.

Rachy
Jan 15, 2024

This is apt… thinking about personal experience, I only signed acceptable use agreement and now aware of any security policy

2022cisa (Option: D)
Oct 10, 2022

Yes, even I think it should be D

swmasinde (Option: D)
Mar 17, 2023

Also think D is the answer

3008 (Option: A)
Apr 29, 2023

A is correct

3008 (Option: D)
Apr 29, 2023

D is correct

blues_lee (Option: D)
Jan 30, 2024

D. Mobile device security policies have been implemented

caanas (Option: D)
Apr 21, 2024

Acceptable usage policy is a part of Information security policy. If security policy is implemented, it takes care of option "A". Hence my answer will be "D".

analuisamoreira (Option: D)
Jun 26, 2024

D. makes more sense for me