You are the new CISO of an international trading company and just got onboard recently. Which of the following is the first and most concern for you?
A. Salary and benefits package
B. The role and responsibility (R&R) of CISO
C. To develop and implement an information security strategy
D. To elicit business and security requirements, and develop an information security program and supporting policies
This post, Security Function, states the justification.