Which of the following should be the MOST important consideration when determining controls necessary for a highly critical information system?
A. The number of vulnerabilities to the system
B. The level of acceptable risk to the organization
C. The organization’s available budget
D. The number of threats to the system
A. The number of vulnerabilities to the system
B. The level of acceptable risk to the organization
C. The organization’s available budget
D. The number of threats to the system