Which of the following is the BEST way to facilitate the alignment between an organization’s information security program and business objectives?
A. Information security is considered at the feasibility stage of all IT projects.
B. The information security governance committee includes representation from key business areas.
C. The chief executive officer reviews and approves the information security program.
D. The information security program is audited by the internal audit department.
A. Information security is considered at the feasibility stage of all IT projects.
B. The information security governance committee includes representation from key business areas.
C. The chief executive officer reviews and approves the information security program.
D. The information security program is audited by the internal audit department.