Which of the following is the purpose of an industry-standard framework?
A . To promulgate compliance requirements for sales of common IT systems
B . To provide legal relief to participating organizations in the event of a security breach
C . To promulgate security settings on a vendor-by-vendor basis
D . To provide guidance across common system implementations
Answer: D