g is
What is a pervasive control in the context of IT security policy enforcement?
A. A control used exclusively for financial reporting.
B. A unique control that applies to one specific department.
C. A common control used across a significant population of systems, applications, and operations.
D. A control that is only applicable to external threats.
