Fill in the blank: In an internal security audit, _____ involves identifying potential threats, risks, and vulnerabilities in order to decide what security measures should be implemented.

1 point

assessing compliance


conducting a risk assessment


communicating to stakeholders


establishing the scope and goals