A risk practitioner has identified that the organization’s secondary data center does not provide redundancy for a critical application.
Who should have the authority to accept the associated risk?
A . Business continuity director
B . Business application owner
C . Disaster recovery manager
D . Data center manager
Answer: B