Which of the following BEST describes the scope of risk analysis?
A.
Key financial systems
B.
Organizational activities
C.
Key systems and infrastructure
D.
Systems subject to regulatory compliance
Explanation:
Risk analysis should include all organizational activities. It should not be limited to subsets of systems or just systems and infrastructure.