Question: Risk assessment is MOST effective when performed:
A.) at the beginning of security program development.
B.) on a continuous basis.
C.) while developing the business case for the security program.
D.) during the business change process.

Download pdf (with explanations) edition of this exam.