Information Security Governance Basics


Question

The MOST basic requirement for an information security governance program is to:

Answers

A. B. C. D.

A.

Explanations

To receive senior management support, an information security program should be aligned with the corporate business strategy.

Risk management is a requirement of an information security program which should take into consideration the business strategy.

Security governance is much broader than just regulatory compliance.

Best practice is an operational concern and does not have a direct impact on a governance program.

The MOST basic requirement for an information security governance program is to be aligned with the corporate business strategy.

Information security governance is the system by which organizations direct and control their information security activities. It involves the development of policies, procedures, standards, guidelines, and frameworks that ensure the confidentiality, integrity, and availability of an organization's information assets.

The alignment of information security governance with the corporate business strategy is essential because it ensures that security is viewed as an integral part of the business, rather than a separate function. It means that the goals and objectives of the information security program are in line with the goals and objectives of the organization as a whole. This alignment enables information security to support business objectives and protect the organization's critical assets.

A sound risk management approach, adequate regulatory compliance, and best practices for security initiatives are all important components of an effective information security governance program, but they are not the MOST basic requirement. These elements are necessary to support and reinforce the alignment with the corporate business strategy.

In summary, aligning the information security governance program with the corporate business strategy is the MOST basic requirement because it ensures that information security is integrated into the organization's overall business strategy and objectives.