Which of the following provides the BEST indication that the information security program is in alignment with enterprise requirements?
A . The security strategy is benchmarked with similar organizations.
B . The information security manager reports to the chief executive officer.
C . Security strategy objectives are defined in business terms.
D . An IT governance committee is in place.
Answer: C