A new regulation for safeguarding information processed by a specific type of transaction has come to the attention of an information security officer. The officer should FIRST:
A. meet with stakeholders to decide how to comply.
B. analyze key risks in the compliance process.
C. assess whether existing controls meet the regulation.
D. update the existing security/privacy policy.
A. meet with stakeholders to decide how to comply.
B. analyze key risks in the compliance process.
C. assess whether existing controls meet the regulation.
D. update the existing security/privacy policy.