The most important thing when implementing an organization’s security policy is to obtain management support. Management support means that the senior management and the board of directors endorse, approve, and fund the security policy and its implementation. Management support also means that the management communicates, promotes, and enforces the security policy across the organization. Management support can help to ensure that the security policy is aligned with the organizational strategy and objectives, and that it is effective, consistent, and sustainable. The other options are not as important as obtaining management support, as they are related to the specific aspects or components of the security policy implementation, not the overall success and acceptance of the security policy implementation. References = Risk and Information Systems Control Study Manual, Chapter 3: IT Risk Response, Section 3.3: IT Risk Response Implementation, page 145.