With a focus on the review and approval aspects of board responsibilities, the Data Governance Council recommends that the boards provide strategic oversight regarding information and information security, include these four things:
A.
Metrics tracking security milestones, understanding criticality of information and information security, visibility into the types of information and how it is used, endorsement by the board of directors
B.
Annual security training for all employees, continual budget reviews, endorsement of the development and implementation of a security program, metrics to track the program
C.
Understanding criticality of information and information security, review investment in information security, endorse development and implementation of a security program, and require regular reports on adequacy and effectiveness
D.
Endorsement by the board of directors for security program, metrics of security program milestones, annual budget review, report on integration and acceptance of program
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit