Which of the following is the BEST reason to develop comprehensive information security policies?
A. To comply with external industry and government regulations
B. To support development of effective risk indicators
C. To align the information security program to organizational strategy
D. To gain senior management support for the information security program
A. To comply with external industry and government regulations
B. To support development of effective risk indicators
C. To align the information security program to organizational strategy
D. To gain senior management support for the information security program