Which of the following is the PRIMARY reason to perform ongoing risk assessments?
A . The risk environment is subject to change.
B . The information security budget must be justified.
C . Emerging risk must be continuously reported to management.
D . New system vulnerabilities emerge at frequent intervals.
Answer: A