What is the MAIN purpose of a security assessment plan? A. Provide education to employees on security and privacy, to ensure their awareness on policies and procedures. B. Provide the objectives for the security and privacy control assessments and a detailed roadmap of how to conduct such assessments. C. Provide guidance on security requirements, to ensure the identified security risks are properly addressed based on the recommendation. D. Provide technical information to executives to help them understand information security postures and secure funding.