What is meant by 'Control Gap' in risk management? a. Lack of encryption b. Untrained users c. Portion of risk not covered by controls d. Unsupported software

The term 'Control Gap' in risk management refers to: **c. Portion of risk not covered by controls** A control gap indicates areas where existing controls do not sufficiently mitigate identified risks, leaving an organization's operations exposed to potential threats.