In addition to business alignment and security ownership, which of the following is MOST critical for information security governance?
A . Auditability of systems
B . Compliance with policies
C . Reporting of security metrics
D . Executive sponsorship
Answer: A