When trying to integrate information security across an organization, the MOST important goal for a governing body should be to ensure:

A. the resources used for information security projects are kept to a minimum.
B. information security is treated as a business critical issue.
C. funding is approved for requested information security projects.
D. periodic information security audits are conducted.