The MAIN reason an organization conducts a security authorization process is to

The MAIN reason an organization conducts a security authorization process is to

A.
force the organization to make conscious risk decisions.

B.
assure the effectiveness of security controls.

C.
assure the correct security organization exists.

D.
force the organization to enlist management support.