The PRIMARY goal in developing an information security strategy is to:
A.
establish security metrics and performance monitoring.
B.
educate business process owners regarding their duties.
C.
ensure that legal and regulatory requirements are met
D.
support the business objectives of the organization.
Explanation:
The business objectives of the organization supersede all other factors. Establishing metrics and
measuring performance, meeting legal and regulatory requirements, and educating business
process owners are all subordinate to this overall goal.