An organization’s marketing department wants to use an online collaboration service which is not in compliance with the information security policy. A risk assessment is performed, and risk acceptance is being pursued. Approval of risk acceptance should be provided by:
A. the information security manager
B. business senior management
C. the chief risk officer
D. the compliance officer.
A. the information security manager
B. business senior management
C. the chief risk officer
D. the compliance officer.