When developing a formal enterprise security program, the MOST critical success factor (CSF)
would be the:
A.
establishment of a review board.
B.
creation of a security unit.
C.
effective support of an executive sponsor.
D.
selection of a security process owner.
Explanation:
The executive sponsor would be in charge of supporting the organization’s strategic security
program, and would aid in directing the organization’s overall security management activities.
Therefore, support by the executive level of management is themost critical success factor (CSF).
None of the other choices are effective without visible sponsorship of top management.