Which of the following would help determine the maturity of an information security awareness program?
A. A review of the annual penetration test results
B. A network vulnerability assessment
C. A simulated social engineering test
D. A gap assessment against an established model
A. A review of the annual penetration test results
B. A network vulnerability assessment
C. A simulated social engineering test
D. A gap assessment against an established model