A. Transfer.

B. Mitigate.

• C. Assume.

• D. All of the above.

A. The IT Security Manager.

B. The IT Manager.

• C. The person responsible for the QMS.

• D. The top management.

A. The top management.

B. The IT Security Manager.

• C. The person responsible for the QMS.

• D. The Operations Manager.

Each document is classified as an asset.

1. Records must be retained for three years.

1. Documents are protected from loss of integrity.

1. Only the owner of the document can update the document.

• Ensure compliance with the information security policy.

• Allocate resources necessary to maintain the system.

• Supporting the drive for continuous improvement.

All of the above.

• IT Security Manager.

• Everyone.

1. QMS manager.

1. IT Manager.

The top management.

The IT Security Manager.

• The person responsible for the QMS.

• The IT Manager.