December 16, 2021 by Admin
An IS auditor concludes that an organization has a quality security policy. Which of the following is MOST important to determine next? The policy must be:
- updated frequently.
- developed by process owners.
- based on industry standards.
- well understood by all employees.