An organization is implementing an information security governance framework. To communicate the program’s effectiveness to stakeholders, it is MOST important to establish:

An organization is implementing an information security governance framework. To communicate the program’s effectiveness to stakeholders, it is MOST important to establish:
A . automated reporting to stakeholders.
B . a control self-assessment process.
C . metrics for each milestone.
D . a monitoring process for the security policy.

View Answer

Answer: C