CERTIFIED-IN-CYBERSECURITY Question #355: Real Exam Question with Answer & Explanation
The correct answer is C: To implement controls and countermeasures that reduce the likelihood or impact of identified.
Question
In the context of risk management, what is the purpose of risk mitigation?
Options
- A. To disregard potential risks and their impacts
- B. To avoid the need for a risk management process
- C. To implement controls and countermeasures that reduce the likelihood or impact of identified
- D. To focus solely on reactive measures
Explanation
The purpose of risk mitigation is to implement controls and countermeasures that reduce the likelihood or impact of identified risks (see ISC2 Study Guide, Module 2, under Risk Treatment). Risk mitigation is an essential aspect of the risk management process, as it involves taking proactive steps to address identified risks and minimize their potential impact on the organization's information and assets. Disregarding potential risks and their impacts, focusing solely on reactive measures, and avoiding the need for a risk management process are all incorrect options, as these approaches do not reduce the likelihood or impact of identified risks.