An organization has decided to conduct a postmortem analysis after experiencing a loss from an information security attack. The PRIMARY purpose of this analysis should be to:
A. prepare for criminal prosecution.
B. document lessons learned.
C. evaluate the impact.
D. update information security policies.