Watch this video on YouTube
How should an information security manager evaluate the effectiveness of a chosen control framework in maintaining alignment with dynamic business objectives?