What are the three elements of the risk triad from an information security perspective?

What are the three elements of the risk triad from an information security perspective?

A.
Actions, threats, and vulnerabilities

B.
Assets, countermeasures, and threats

C.
Assets, countermeasures, and vulnerabilities

D.
Assets, threats, and vulnerabilities