Which of the following BEST demonstrates to an IS auditor that an organization has implemented effective risk management processes?
A. Critical business assets have additional controls.
B. The risk register is reviewed periodically.
C. A business impact analysis (BIA) has been completed.
D. The inventory of IT assets includes asset classification.
A. Critical business assets have additional controls.
B. The risk register is reviewed periodically.
C. A business impact analysis (BIA) has been completed.
D. The inventory of IT assets includes asset classification.