Which of the following is MOST important when discussing risk within an organization?

A. Adopting a common risk taxonomy.
B. Creating a risk communication policy.
C. Using key performance indicators (KPIs).
D. Using key risk indicators (KRIs).