CISA Certified Information Systems Auditor – Question0625

Which of the following is MOST likely to be included in an enterprise information security policy?

A.
Password composition requirements
B. Consequences of noncompliance
C. Audit trail review requirements
D. Security monitoring strategy

Correct Answer: B