What does 'inherent risk' mean in the context of third-party vendor risk assessment?
-
A
The risk that remains after all controls are applied
-
B
The level of risk present before any mitigating controls are considered
-
C
The risk transferred to the vendor through contract terms
-
D
The financial risk of vendor non-performance