An organization has a policy in which all criminal activity is prosecuted. What is MOST important for the information security manager to ensure when an employee is suspected of using a company computer to commit fraud?

A. The forensics process is immediately initiated
B. The incident response plan is initiated
C. The employee’s log files are backed-up
D. Senior management is informed of the situation