Which of the following MOST effectively demonstrates operational readiness to address information security risk issues?
A. Executive management has announced an information security risk initiative.
B. Procedures have been established for assessing and mitigating information security risks.
C. IT management has communicated the need for information security risk management to the business.
D. A policy has been communicated stating enterprise commitment and readiness to address information security risk.
A. Executive management has announced an information security risk initiative.
B. Procedures have been established for assessing and mitigating information security risks.
C. IT management has communicated the need for information security risk management to the business.
D. A policy has been communicated stating enterprise commitment and readiness to address information security risk.