Reevaluation of risk is MOST critical when there is:

a change in security policy. 

resistance to the implementation of mitigating controls. 

a change in the threat landscape.  

a management request for updated security reports.