What is a key item that must be kept in mind when designing an enterprise-wide information security program?
A. When defining controls follow an approach and framework that is consistent with organizational culture
B. Determine controls in the light of specific risks an organization is facing
C. Put an enterprise-wide network and Host-Based Intrusion Detection and Prevention System (Host-Based IDPS) into place as soon as possible
D. Put an incident management and log file analysis program in place immediately