Which of the following is MOST important for guiding the development and management of a comprehensive information security program? 

Answer options:

A. Adopting information security program management best practices
B. Implementing policies and procedures to address the information security strategy
C. Establishing and maintaining an information security governance framework
D. Aligning the organization`s business objectives with IT objectives

C