An organization is restructuring its IT governance framework to improve its cybersecurity strategy. The organization has several distributed offices across various geographical regions, each having a unique set of IT policies and infrastructure. The cybersecurity lead aims to increase control and consistency over the security practices in each office while retaining some autonomy for the individual offices to manage their specific risks. Which governance structure aligns with the objectives of the cybersecurity lead and effectively mitigates risks associated with the security practices at each office?

A$.$Change Control Board $($CCB$)$

B$.$Decentralized governance with an executive committee

C$.$Centralized governance with an advisory board

D$.$Centralized governance with a steering committee