When designing an information security quarterly report to management, the MOST important
element to be considered should be the:
A.
information security metrics.
B.
knowledge required to analyze each issue.
C.
linkage to business area objectives.
D.
baseline against which metrics are evaluated.
Explanation:
The link to business objectives is the most important clement that would be considered by
management. Information security metrics should be put in the context of impact to management
objectives. Although important, the security knowledge required would not be the first element to
be considered. Baselining against the information security metrics will be considered later in the
process.