An organization has decided to conduct a postmortem analysis after experiencing a loss from an information security attack. The PRIMARY purpose of this analysis should be to:
A . prepare for criminal prosecution.
B . document lessons learned.
C . evaluate the impact.
D . update information security policies.
Answer: C