When building a policy framework, which of the following information systems factors should be considered?
(select all that apply)
A. Unauthorized Access to and Use of the System
B. Unauthorized Disclosure of the Information
C. Disruption of the System or Services
D. Employee personal interests
E. Individual employee background
