An analysis of an organization`s security breach is complete. The results indicate that the quality of the code used for updates to its primary customer-facing software has been declining and security flaws were introduced. The FIRST IT governance action to correct this problem should be to review: 

Answer options:

A. the incident response plan.
B. the change management control framework.
C. compliance with the user testing process.
D. the qualifications of developers to write secure code.

A