Question 198:
Which of the following is MOST important to consider when determining the effectiveness of the information security governance program?
Answer options:
A. Key performance indicators (KPIs) B. Key risk indicators (KRIs) C. Maturity models D. Risk tolerance levels