An information security manager is assisting in the development of the request for proposal (RFP) for a new outsourced service. This will require the third party to have access to critical business information. The security manager should focus PRIMARILY on defining:
A. security metrics
B. service level agreements (SLAs)
C. risk-reporting methodologies
D. security requirements for the process being outsourced
A. security metrics
B. service level agreements (SLAs)
C. risk-reporting methodologies
D. security requirements for the process being outsourced