Which of the following is the BEST approach for determining the maturity level of an information security program?
A. Review internal audit results.
B. Engage a third-party review.
C. Perform a self-assessment.
D. Evaluate key performance indicators (KPIs).
A. Review internal audit results.
B. Engage a third-party review.
C. Perform a self-assessment.
D. Evaluate key performance indicators (KPIs).