What is the primary goal of conducting internal self-assessments within an organization's security program?
To allocate budget exclusively for IT department initiatives
To determine employee performance metrics for annual reviews
To identify potential internal control issues before they escalate
To prepare the organization for an impending external audit only