Which should be the key driver for a company security policy's creation, implementation and enforcement?
A. the business knowledge of the IT staff
B. the technical knowledge of the IT staff
C. the company's business objectives.
D. the company's network topology
E. the IT future directions.