Watch this video on YouTube
You are the IT risk manager at HDA Inc. You are reviewing management's IT control self-assessments and have observed an ineffective control that is connected to several low residual risk scenarios. What should you do next?