In addition to the risk register, what should a risk practitioner review to develop an understanding of the organization’s risk profile?
A. The asset profile
B. Business objectives
C. The control catalog
D. Key risk indicators (KRIs)
A. The asset profile
B. Business objectives
C. The control catalog
D. Key risk indicators (KRIs)