An inexperienced information security manager is relying on its internal audit department to design and implement key security controls. Which of the following is the GREATEST risk? 

Answer options:

A. Inadequate implementation of controls
B. Conflict of interest
C. Violation of the audit charter
D. Inadequate audit skills

B