An updated risk assessment in response to the security control assessment along with inputs from the risk executive helps to determine and prioritize:
-
A
Plan of action and milestones
-
B
Initial remediation actions
-
C
Failed controls
-
D
Control reassessments