The Chief Information Security Officer (CISO) at a company knows that many users store business documents on public cloud-based storage, and realizes this is a
risk to the company. In response, the CISO implements a mandatory training course in which all employees are instructed on the proper use of cloud-based
storage. Which of the following risk strategies did the CISO implement?

A.
Avoid

B.
Accept

C.
Mitigate

D.
Transfer