Whereas COBIT provides a framework of controls to minimize risk, ___________ provides a framework for assessing risk.
a) ISO/IEC 27001
b) ISO 31000
c) NIST Cybersecurity Framework
d) HIPAA