When assessing an organization’s security policy according to standards established by the International Organization for Standardization (ISO) 27001 and 27002, when can management responsibilities be defined?
A . Only when assets are clearly defined
B. Only when standards are defined
C. Only when controls are put in place
D. Only procedures are defined
Answer: A
Latest HCISPP Dumps Valid Version with 305 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund