What should a risk practitioner do NEXT if an ineffective key control is identified on a critical system?
A. Revalidate the risk assessment.
B. Escalate to senior management.
C. Propose acceptance of the risk.
D. Conduct a gap analysis.
A. Revalidate the risk assessment.
B. Escalate to senior management.
C. Propose acceptance of the risk.
D. Conduct a gap analysis.