An organization recently received an independent security audit report of its cloud service provider that indicates significant control weaknesses.
What should be done NEXT in response to this report?
A . Conduct a follow-up audit to verify the provider’s control weaknesses.
B . Review the contract to determine if penalties should be levied against the provider.
C . Analyze the impact of the provider’s control weaknesses to the business.
D . Migrate all data to another compliant service provider.
Answer: C