Which of the following stakeholders should be PRIMARILY responsible for developing, implementing, and monitoring metrics for security activities?
A. Chief technology officer
B. Security incident response team
C. Chief information security officer
D. IT steering committee
A. Chief technology officer
B. Security incident response team
C. Chief information security officer
D. IT steering committee