nerdexam
(ISC)2


CGRC Question #9: Real Exam Question with Answer & Explanation

The correct answer is A: Finding an economic balance between the impact of the risk and the cost of the countermeasure. The goals of risk management include identifying risks, assessing their potential impact, and finding an economic balance between the risk's impact and the cost of countermeasures.

Security and Privacy Governance, Risk Management, and Compliance Program

Question

Which of the following are the goals of risk management? Each correct answer represents a complete solution. Choose three.

Options

  • A. Finding an economic balance between the impact of the risk and the cost of the countermeasure
  • B. Identifying the risk
  • C. Assessing the impact of potential threats
  • D. Identifying the accused

Explanation

The goals of risk management include identifying risks, assessing their potential impact, and finding an economic balance between the risk's impact and the cost of countermeasures.

Common mistakes.

  • D. Identifying the accused is part of incident response or forensic investigation, not a direct goal of proactive risk management, which focuses on potential future events.

Concept tested. Goals of risk management

Reference. https://docs.microsoft.com/en-us/azure/cloud-adoption-framework/secure/security-governance-risk-compliance

Topics

#Risk Management Goals, #Risk Identification, #Risk Assessment, #Cost-Benefit Analysis
