Which of the following is the BEST method to determine whether an information security program meets an organization’s business objectives?
A. Implement performance measures.
B. Review against international security standards.
C. Perform a business impact analysis (BIA).
D. Conduct an annual enterprise-wide security evaluation.
A. Implement performance measures.
B. Review against international security standards.
C. Perform a business impact analysis (BIA).
D. Conduct an annual enterprise-wide security evaluation.