Which of the following processes is the FIRST step in establishing an information security policy?
A . Security controls evaluation
B . Business risk assessment
C . Review of current global standards
D . Information security audit
Answer: B
Which of the following processes is the FIRST step in establishing an information security policy?
A . Security controls evaluation
B . Business risk assessment
C . Review of current global standards
D . Information security audit
Answer: B