Which of the following is a challenge in ensuring operational assurance?

Ensuring operational assurance involves maintaining the integrity, availability, and confidentiality of an organization's information systems. One of the primary challenges in achieving this is the constantly changing security threats that organizations face.

Security threats are dynamic; they evolve as attackers develop new techniques and as technology changes. This means that organizations must continuously adapt their security measures, tools, and policies to counteract these emerging threats. The constant evolution of malware, techniques for social engineering, and vulnerabilities in software require ongoing vigilance and updates to security strategies. Thus, organizations must remain proactive rather than reactive, which can be resource-intensive and complex.

While ensuring staff training, establishing system backups, and gathering feedback from users are important for operational assurance, these aspects are more about supporting operational integrity rather than challenges posed by external factors. Constantly changing security threats fundamentally impact how an organization must approach security management, making it a significant challenge to operational assurance.