What practice supports the needs of risk management in an organization?

The involvement of all stakeholders in the decision-making process is crucial for effective risk management in an organization. This approach ensures that various perspectives, expertise, and insights are taken into account when identifying, assessing, and mitigating risks. Stakeholders from different areas, including management, IT, operations, compliance, and legal, have unique knowledge about risks related to their specific domains. By engaging them in the risk management process, the organization can develop a comprehensive understanding of potential vulnerabilities and threats, fostering a more robust risk management strategy.

In addition, involving stakeholders promotes ownership and accountability among different teams, leading to more effective implementation of risk management practices. It supports better communication and collaboration, which are essential for navigating the complexities of risk management. This collaborative approach can also enhance the organization's ability to respond to changing risk environments and align risk management initiatives with overall business objectives.

The other choices, while important practices within a risk management framework, do not emphasize the collaborative aspect that stakeholder involvement brings. Periodic assessments of security policies help maintain compliance and identify gaps, but they might lack the diverse input needed for a holistic view of risks. Application of configuration management is vital for maintaining secure systems, yet it is more focused on technical controls rather than the strategic decision-making aspect. The creation