Which of the following aspects of an IT risk and control self-assessment would be MOST important to include in a report to senior management?
A. A decrease in the number of key controls
B. Changes in control design
C. An increase in residual risk
D. Changes in control ownership
A. A decrease in the number of key controls
B. Changes in control design
C. An increase in residual risk
D. Changes in control ownership