As a project manager overseeing a project that handles sensitive trade secrets, a team member requests access to certain confidential files. What should you do before granting access?
Confirm the team member's need-to-know and appropriate clearance before granting access
Provide the files since they are part of the project team
Require the team member to sign a nondisclosure agreement before sharing the files
Deny the request to prevent any risk of information leakage
Before granting access to sensitive information like trade secrets, it is important to confirm that the team member has both the appropriate clearance and a legitimate need-to-know. This ensures that only authorized individuals access confidential data, reducing the risk of unauthorized disclosure. Simply providing the files because they are part of the team ignores the principle of least privilege. Denying the request outright could hinder project progress if the team member genuinely needs the information to perform their duties. Requiring a nondisclosure agreement may be necessary, but it does not replace the need to verify clearance and need-to-know.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What does 'need-to-know' mean in the context of sensitive information?
Open an interactive chat with Bash
What is appropriate clearance when handling confidential files?
Open an interactive chat with Bash
Why is the principle of least privilege important in project management?