CISA Certified Information Systems Auditor – Question0450

Reevaluation of risk is MOST critical when there is:

A.
resistance to the implementation of mitigating controls
B. a change in security policy
C. a management request for updated security reports
D. a change in the threat landscape

Correct Answer: D