An organization decided to outsource its human resources function. As part of its process migration, the organization is implementing controls over sensitive employee data.
What would be the most appropriate directive control in this area?
A . Require a Service Organization Controls (SOC) report from the service provider
B . Include a data protection clause in the contract with the service provider.
C . Obtain a nondisclosure agreement from each employee at the service provider who will handle sensitive data.
D . Encrypt the employees ‘ data before transmitting it to the service provider
Answer: B
Latest IIA-CIA-Part3 Dumps Valid Version with 402 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund