What is the first step to understanding a security threat's potential impact to a business?
A. update the list of all assets, including the number of computers.
B. have HR update the total number of employees per region.
C. perform a risk impact analysis.
D. update all cloud-related policies within the organization.