A computer Risk Policy is a set of ideas to be implemented to overcome the risk associated with computer security incidents. Identify the procedure that is NOT part of the computer risk policy?
A . Procedure to identify security funds to hedge risk
B . Procedure to monitor the efficiency of security controls
C . Procedure for the ongoing training of employees authorized to access the system
D . Provisions for continuing support if there is an interruption in the system or if the system crashes
Answer: C