Which of the following should be the PRIMARY consideration when developing a security governance framework for an enterprise? 

Answer options:

A. Understanding of the current business strategy
B. Assessment of the current security architecture
C. Results of a business impact analysis (BIA)
D. Benchmarking against industry best practice

A