Which of the following is NOT considered an organisational control against cybercrime?

Creating misleading advertisements does not serve as an organizational control against cybercrime. Organizational controls are measures put in place to protect a business's data and systems from unauthorized access, attacks, or other malicious activities. Access control involves restricting access to sensitive information, ensuring that only authorized personnel can access certain data. Virus protection includes software and practices designed to detect and eliminate malware, thereby securing systems against infections that could lead to data breaches. Keeping software up to date involves regularly updating programs to patch vulnerabilities and enhance security features, which is crucial in safeguarding against cyber threats.

In contrast, creating misleading advertisements does not contribute to the protection of an organization’s systems or data. Instead, it can harm a business’s reputation and lead to legal consequences, thereby detracting from the overall organizational integrity. This makes it clear that this option does not fit within the context of cybercrime control measures.