Information security managers should use risk assessment techniques to:
A . justify selection of risk mitigation strategies.
B . maximize the return on investment (RO
D . provide documentation for auditors and regulators.
E . quantify risks that would otherwise be subjective.
Answer: A
Explanation:
Information security managers should use risk assessment techniques to justify and implement a risk mitigation strategy as efficiently as possible. None of the other choices accomplishes that task, although they are important components.