Which of the following should be an information security manager's FIRST course of action following a decision to implement a new technology?
A. Determine security controls needed to support the new technology.
B. Perform a business impact analysis (BIA) on the new technology.
C. Perform a return-on-investment (ROI) analysis for the new technology.
D. Determine whether the new technology will comply with regulatory requirements.
A. Determine security controls needed to support the new technology.
B. Perform a business impact analysis (BIA) on the new technology.
C. Perform a return-on-investment (ROI) analysis for the new technology.
D. Determine whether the new technology will comply with regulatory requirements.