Which of the following frameworks and standards will BEST fit the organization as a baseline for their security program?

Scenario: An organization has made a decision to address Information Security formally and consistently by adopting established best practices and industry standards. The organization is a small retail merchant but it is expected to grow to a global customer base of many millions of customers in just a few years.

Which of the following frameworks and standards will BEST fit the organization as a baseline for their security program?
A . NIST and Privacy Regulations
B . NIST and data breach notification laws
C . ISO 27000 and Payment Card Industry Data Security Standards
D . ISO 27000 and Human resources best practices

View Answer

Answer: C