The selection of security controls is PRIMARILY linked to:
A. best practices of similar organizations
B. risk appetite of the organization
C. regulatory requirements
D. business impact assessment
A. best practices of similar organizations
B. risk appetite of the organization
C. regulatory requirements
D. business impact assessment