Of the following, the BEST response to the absence of a data security breach notification by a service provider is to contractually require that:
A. security incidents identified by the provider be reported.
B. security related key performance indicators be included in all service level agreements.
C. security incident information be shared only on a need-to-know basis.
D. a registry of all security breaches be maintained by the service provider.
A. security incidents identified by the provider be reported.
B. security related key performance indicators be included in all service level agreements.
C. security incident information be shared only on a need-to-know basis.
D. a registry of all security breaches be maintained by the service provider.