The ability to demand the implementation and management of security controls on third parties providing services to an organization is_________________________.
A . Disaster recovery
B . Security Governance
C . Vendor management
D . Compliance management
Answer: C