What is the MOST important item to be included in an information security policy?
A.
The definition of roles and responsibilities
B.
The scope of the security program
C.
The key objectives of the security program
D.
Reference to procedures and standards of the security program
Explanation:
Stating the objectives of the security program is the most important element to ensure alignment
with business goals. The other choices are part of the security policy, but they are not as
important.