When establishing an effective security governance framework for an organization, which of the following is MOST essential to ensure alignment with business objectives and risk management strategies?
Password complexity standards
Recovery Point Objective (RPO) metrics
Information security policies
Annualized Rate of Occurrence (ARO) calculations