An international pharmaceutical company is fully compliant with local and international regulations. However, they suffered a major data breach that exploited a six-month-old vulnerability. The CIO asked Accenture "How can this be possible?" How should Accenture respond?
A.Because compliance to local and international laws does not necessarily enforce security.
B. Because the local and international compliance laws conflict.
C. Because the Security Operations team does not handle compliance issues.
D.Because the security policy documentation was not kept up to date.
