The security planning process must define how security will be managed, who will be responsible,
and
A.
Who practices are reasonable and prudent for the enterprise.
B.
Who will work in the security department.
C.
What impact security will have on the intrinsic value of data.
D.
How security measures will be tested for effectiveness.