CISM Certified Information Security Manager – Question0517

To implement a security framework, an information security manager must FIRST develop:

A.
security standards.
B. security procedures.
C. a security policy.
D. security guidelines.

Correct Answer: D