An external security audit has reported multiple findings related to control noncompliance.
Which of the following would be MOST important for the risk practitioner to communicate to senior management?
A . Plans for mitigating the associated risk
B . Suggestions for improving risk awareness training
C . A recommendation for internal audit validation
D . The impact to the organization’s risk profile
Answer: C