The MOST important reason for an information security manager to be involved in the change management process is to ensure that:
A. security controls are updated regularly.
B. potential vulnerabilities are identified.
C. risks have been evaluated.
D. security controls drive technology changes.