Security risk assessments should cover only information assets that:
A. are classified and labeled.
B. are inside the organization.
C. support business processes.
D. have tangible value.
A. are classified and labeled.
B. are inside the organization.
C. support business processes.
D. have tangible value.