Which of the following is an initial consideration when developing an information security management system?
A . Identify the contractual security obligations that apply to the organizations
B . Understand the value of the information assets
C . Identify the level of residual risk that is tolerable to management
D . Identify relevant legislative and regulatory compliance requirements
Answer: D
Latest CISSP Dumps Valid Version with 981 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund