A peer review of a risk assessment finds that a relevant threat community was not included. Mitigation of the risk will require substantial changes to a software application. Which of the following is the BEST course of action?
A. Ask the business to make a budget request to remediate the problem.
B. Research the types of attacks the threat can present.
C. Determine the impact of the missing threat.
D. Build a business case to remediate the fix.
A. Ask the business to make a budget request to remediate the problem.
B. Research the types of attacks the threat can present.
C. Determine the impact of the missing threat.
D. Build a business case to remediate the fix.