Question 47:
Which of the following is MOST critical to have in place before management can establish an IT risk assessment and response approach?
Answer options:
A. A portfolio of IT investments B. Defined roles and responsibilities C. Historic data on risk events D. A balanced scorecard