What is the PRIMARY purpose of risk reporting within an organization's risk management strategy?
To document and communicate the identified risks to stakeholders responsible for decision-making.
To enforce regulatory compliance and avoid potential legal penalties.
To execute the deployment of technical controls across the organization's network.
To allocate the annual budget for the information security department.