The authorization to transfer the handling of an internal security incident to a third-party support provider is PRIMARILY defined by the:

A. information security manager
B. escalation procedures
C. disaster recovery plan
D. chain of custody