nerdexam
(ISC)2

CISSP · Question #254

The PRIMARY purpose of accreditation is to:

The correct answer is B. allow senior management to make an informed decision regarding whether to accept the risk of. According to the CISSP CBK Official Study Guide, the primary purpose of accreditation is to allow senior management to make an informed decision regarding whether to accept the risk of operating the system. Accreditation is the process of formally authorizing a system to operate

Submitted by jaden.t· Mar 5, 2026Security and Risk Management

Question

The PRIMARY purpose of accreditation is to:

Options

  • Acomply with applicable laws and regulations.
  • Ballow senior management to make an informed decision regarding whether to accept the risk of
  • Cprotect an organization's sensitive data.
  • Dverify that all security controls have been implemented properly and are operating in the correct

How the community answered

(49 responses)
  • A
    2% (1)
  • B
    86% (42)
  • C
    4% (2)
  • D
    8% (4)

Explanation

According to the CISSP CBK Official Study Guide, the primary purpose of accreditation is to allow senior management to make an informed decision regarding whether to accept the risk of operating the system. Accreditation is the process of formally authorizing a system to operate based on the results of the security assessment and the risk analysis. Accreditation is a management responsibility that involves evaluating the security posture, the residual risk, and the compliance status of the system, and determining if the system is acceptable to operate within the organization's risk tolerance. Accreditation does not necessarily mean that the system complies with applicable laws and regulations, protects the organization's sensitive data, or verifies that all security controls have been implemented properly and are operating in the correct manner, although these may be factors that influence the accreditation decision.

Topics

#accreditation#risk acceptance#senior management responsibility

Community Discussion

No community discussion yet for this question.

Full CISSP Practice