A large number of exceptions to an organization’s information security standards have been granted after senior management approved a bring your own device (BYOD) program. To address this situation, it is MOST important for the information security manager to:
A . introduce strong authentication on devices.
B . reject new exception requests.
C . update the information security policy.
D . require authorization to wipe lost devices.
Answer: A