Which of the following is the MOST appropriate board-level activity for information security governance?
A. Establish security and continuity ownership
B. Develop “what-if” scenarios on incidents
C. Establish measures for security baselines
D. Include security in job-performance appraisals
A. Establish security and continuity ownership
B. Develop “what-if” scenarios on incidents
C. Establish measures for security baselines
D. Include security in job-performance appraisals