An organization is implementing an information security governance framework. To communicate the program's effectiveness to stakeholders, it is MOST important to establish:
A. automated reporting to stakeholders.
B. a control self-assessment process.
C. metrics for each milestone.
D. a monitoring process for the security policy.
A. automated reporting to stakeholders.
B. a control self-assessment process.
C. metrics for each milestone.
D. a monitoring process for the security policy.