During an audit process, a company presents documentation showing that employees have acknowledged understanding and compliance with the organization's security policies. This practice is referred to as what?
Access Control
Penetration Testing
Risk Analysis
Attestation