Which of the following is the FIRST thing to consider when reviewing Information Technology (IT) internal controls?
A. The risk culture of the organization
B. The impact of the control
C. The nature of the risk
D. The cost of the control
A. The risk culture of the organization
B. The impact of the control
C. The nature of the risk
D. The cost of the control