Which of the following should be of MOST concern to an information security manager reviewing an organization's data classification program? A. The classifications do not follow industry best practices. B. Labeling is not consistent throughout the organization. C. The program allows exceptions to be granted. D. Data retention requirements are not defined. Suggested Answer: B This question is in CISM exam For getting Certified Information Security Manager Certificate Disclaimers: The website is not related to, affiliated with, endorsed or authorized by ISACA. The website does not contain actual questions and answers from ISACA's Certification Exams. Trademarks, certification & product names are used for reference only and belong to ISACA.
Please login or Register to submit your answer