What is the first phase of the development of a security policy likely to involve?
A) remediation of employees that violate the policy
B) review of the policy for compliance
C) vulnerability assessment
D) an outline of how the organization will respond to attacks

Question

Quizplus · Accepted Answer

The first phase of developing a security policy is typically conducting a vulnerability assessment. This helps identify the organization's weaknesses and risks, which can then inform the development of policies and procedures to mitigate those risks. Remediation of employees, review of the policy, and outlining response plans would come later in the policy development process.

What Is the First Phase of the Development of a Security