Which of the following is the MOST relevant input to an organization’s risk profile?
A. External audit’s risk assessment
B. Management’s risk self-assessment
C. Internal audit’s risk assessment
D. Information security’s vulnerability assessment
A. External audit’s risk assessment
B. Management’s risk self-assessment
C. Internal audit’s risk assessment
D. Information security’s vulnerability assessment