CISM Certified Information Security Manager – Question0375

Reevaluation of risk is MOST critical when there is:

A.
a change in security policy.
B. resistance to the implementation of mitigating controls.
C. a change in the threat landscape.
D. a management request for updated security reports.

Correct Answer: C