The MOST important reason that security risk assessment should be conducted frequently throughout an organization is because:
A. threats to the organization may change.
B. controls should be regularly tested.
C. compliance with legal and regulatory standards should be reassessed.
D. control effectiveness may weaken.
A. threats to the organization may change.
B. controls should be regularly tested.
C. compliance with legal and regulatory standards should be reassessed.
D. control effectiveness may weaken.