To detect unauthorized disclosure of confidential documents sent over corporate email, monitoring all emails based on pre-defined criteria is the best approach. This involves setting up automated monitoring systems that analyze email content, attachments, and metadata to identify any potential unauthorized disclosures. By defining specific criteria (such as keywords related to confidential information), organizations can proactively detect and prevent leaks. Requiring encryption before sending documents (option A) is important but does not address monitoring for unauthorized disclosures. Firewalls (option B) protect the network but do not specifically focus on email content. Reporting outgoing emails marked as confidential (option C) relies onuser self-reporting and may not catch all incidents12. References: 1(https://www.isaca.org/resources/isaca-journal/past-issues/2010/data-governance-for-privacy-confidentiality-and-compliance-a-holistic-approach) 2(https://www.isaca.org/resources/news-and-trends/newsletters/atisaca/2020/volume-6/best-practices-for-privacy-audits)