The Chief Information Security Officer (CISO) at a company knows that many users store
business documents on public cloud-based storage; and realizes this is a risk to the company. In
response, the CISO implements a mandatory training course in which all employees are instructed
on the proper use of cloud-based storage. Which of the following risk strategies did the CISO
implement?

A.
Avoid

B.
Accept

C.
Mitigate

D.
Transfer