Which of the following issues should be of GREATEST concern when evaluating existing controls during a risk assessment?
A. Redundant compensating controls are in place.
B. Asset custodians are responsible for defining controls instead of asset owners.
C. A high number of approved exceptions exist with compensating controls.
D. Successive assessments have the same recurring vulnerabilities.
A. Redundant compensating controls are in place.
B. Asset custodians are responsible for defining controls instead of asset owners.
C. A high number of approved exceptions exist with compensating controls.
D. Successive assessments have the same recurring vulnerabilities.