Question 196:
Which of the following should be established FIRST when implementing an information security governance framework?
Answer options:
A. Security incident management team B. Security awareness training program C. Security architecture D. Security policies