A newly appointed Chief Information Security Officer has completed a risk assessment review of the organization and wants to reduce the numerous risks that were identified. Which of the following will provide a trend of risk mitigation?

A. Planning
B. Continuous monitoring
C. Risk response
D. Risk analysis
E. Oversight