In which of the following programs is it MOST important to include the collection of security process data? Answer with explanations
A. Quarterly access reviews
B. Security continuous monitoring
C. Business continuity testing
D. Annual security training