CISM Certified Information Security Manager – Question0183

Which of the following is MOST likely to be included in an enterprise information security policy?

A.
Security monitoring strategy
B. Audit trail review requirements
C. Password composition requirements
D. Consequences of noncompliance

Correct Answer: D