When developing an information security governance framework, which of the following would be the MAIN impact when lacking senior management involvement? 

Answer options:

A. Accountability for risk treatment is not clearly defined.
B. Information security responsibilities are not communicated effectively.
C. Resource requirements are not adequately considered.
D. Information security plans do not support business requirements.

C