When developing an information security governance framework, which of the following would be the MAIN impact when lacking senior management involvement?
A . Accountability for risk treatment is not clearly defined.
B . Information security responsibilities are not communicated effectively.
C . Resource requirements are not adequately considered.
D . Information security plans do not support business requirements.
Answer: C