Kizspy | Question: 54
(Choose 1 answer)
Which of the following choice is NOT normally part of the questions that would be asked in regards to an organization's information security policy?
A. Who is involved in establishing the security policy?
B. Where is the organization's security policy defined?
C. What are the actions that need to be performed in case of a disaster?
D. Who is responsible for monitoring compliance to the organization's security policy?
