Which of the following steps of the LeGrand Vulnerability-Oriented Risk Management method determines the necessary compliance offered by risk management practices and assessment of risk levels?

A. Assessment, monitoring, and assurance
B. Vulnerability management
C. Risk assessment
D. Adherence to security standards and policies for development and deployment