Watch this video on YouTube
During a routine security assessment, an ethical hacker utilizes a set of guidelines to assess the security measures of an organization. Which of these would be considered an information security control?