Which of the following is not a goal of information systems risk management?

$1.$

Ensure information systems risk management is consistent with the senior management risk strategy

$2.$

Ensure information security requirements $/$ controls, are integrated into enterprise architecture and system development life cycle process.

$3.$

Ensure all information security risks are removed from the information system.

$4.$

Ensure ongoing $/$ informed security authorization through continuous monitoring and transparency of risk$-$related information.