The effectiveness of an information security governance framework will BEST be enhanced if:
A. IS auditors are empowered to evaluate governance activities
B. risk management is built into operational and strategic activities
C. a culture of legal and regulatory compliance is promoted by management
D. consultants review the information security governance framework
A. IS auditors are empowered to evaluate governance activities
B. risk management is built into operational and strategic activities
C. a culture of legal and regulatory compliance is promoted by management
D. consultants review the information security governance framework