Following a recent acquisition, an information security manager has been requested to address the outstanding risk reported early in the acquisition process. Which of the following would be the manager`s BEST course of action? 

Answer options:

A. Add the outstanding risk to the acquiring organization`s risk registry.
B. Re-assess the outstanding risk of the acquired company.
C. Re-evaluate the risk treatment plan for the outstanding risk.
D. Perform a vulnerability assessment of the acquired company`s infrastructure.

B