When reviewing an organization’s IT governance processes, which of the following provides the BEST indication that information security expectations are being met at all levels?
A. Achievement of established security metrics
B. Approval of the security program by senior management
C. Utilization of an internationally recognized security standard
D. Implementation of a comprehensive security awareness program
A. Achievement of established security metrics
B. Approval of the security program by senior management
C. Utilization of an internationally recognized security standard
D. Implementation of a comprehensive security awareness program