Senior Professional in Human Resources (SPHR) Certification 2025 – 400 Free Practice Questions to Pass the Exam

Writing a policy that prohibits the sharing of passwords is an effective data security mitigation effort because it establishes clear guidelines and expectations for employee behavior regarding sensitive information. By formally outlining the importance of password security and the potential risks associated with sharing passwords, the organization fosters a culture of accountability and vigilance around data protection. This policy serves as a preventative measure, helping to limit unauthorized access to systems and data, thereby reducing the risk of data breaches.

While other options may seem relevant, they do not offer the same level of proactive engagement with employees regarding data security practices. Computer monitoring systems can lead to privacy concerns and may not necessarily prevent data breaches, while purchasing EPL insurance addresses liability rather than directly mitigating data security risks. Not collecting data at all could eliminate the risk, but it also means potentially losing valuable insights and functionalities that data can provide to the organization. Therefore, the development and enforcement of a password-sharing policy directly contribute to securing sensitive information and is an essential aspect of an overall data security strategy.