Your company needs a structured approach for identifying and managing threats to operations. Which framework provides this guidance?
A. ISO 9001
B. COBIT 5
C. ISO 27005
D. ITIL v2
Answer: C. ISO 27005
ISO 27005 provides a systematic approach for managing information security risk, including identification, analysis, and evaluation.