CompTIA Security+ SY0-701 Practice Question
What is the PRIMARY purpose of risk reporting within an organization's risk management strategy?
To document and communicate the identified risks to stakeholders responsible for decision-making.
To execute the deployment of technical controls across the organization's network.
To allocate the annual budget for the information security department.
To enforce regulatory compliance and avoid potential legal penalties.