Which of the following is required if deviation occurs from an organization-wide security policy?
A.
Risk acceptance
B.
Risk assignment
C.
Risk reduction
D.
Risk containment
Explanation:
If a security policy is deviated from, the organization must be
prepared to accept risk.