A large number of exceptions to an organization’s information security standards have been granted after senior management approved a bring your own device (BYOD) program.
To address this situation, it is MOST important for the information security manage to:
A . introduce strong authentication on devices
B . reject new exception requests
C . require authorization to wipe lost devices
D . update the information security policy
Answer: D