CISM Certified Information Security Manager – Question0551

Which of the following is a step in establishing a security policy?

A.
Developing platform-level security baselines
B. Creating a RACI matrix
C. Implementing a process for developing and maintaining the policy
D. Developing configuration parameters for the network

Correct Answer: C