💼 8d implementation of controls — regularly seek assurance from and, as appropriate, challenge management on reporting regarding the effectiveness of the information security control environment and the overall health of the entity’s information assets.