Which one of the following should NOT be contained within a computer policy?

A.
Definition of management expectations.

B.
Responsibilities of individuals and groups for protected information.

C.
Statement of senior executive support.

D.
Definition of legal and regulatory controls.