Which of the following provides the BEST explanation regarding why an organization needs to implement IT security policies?
A. To ensure that false positives are identified
B. To ensure that staff conform to the policy
C. To reduce the organizational risk
D. To require acceptable usage of IT systems
Answer: C