Which of the following is MOST useful to include in a report to senior management on a regular basis to demonstrate the effectiveness of the information security program?
A. Critical success factors (CSFs)
B. Key risk indicators (KRIs)
C. Capability maturity models
D. Key performance indicators (KPIs)
A. Critical success factors (CSFs)
B. Key risk indicators (KRIs)
C. Capability maturity models
D. Key performance indicators (KPIs)