Insider risk management in Microsoft 365 benefits organisations addressing internal risks, such as Intellectual Property theft, fraud, sabotage etc. A credit card database admin’s unencrypted work laptop got stolen at home in a burglary. Sensitive data for 1000 users was on the laptop. This is an example of which type of internal risk?

Answer options:

A.Sabotage
B.Data leak
C.IP Theft
D.Regulatory compliance violation

Correct Answer: D Option D is correct. If a business handles the personal, medical, sensitive, or classified data of individuals or government organizations, the law requires you to follow strict compliance regulations.
Option A and C are incorrect. Sabotage and IP Theft includes acting with the intention to harm specific individuals, the organization, or the organization’s data systems or daily business operations.
Option B is incorrect. There is a potential data leak situation here, however, there is an internal risk due to actions or non-actions before a leak might occur.
Reference: 

https://docs.microsoft.com/en-us/microsoft-365/compliance/insider-risk-management?view=o365-worldwide