Your company completes a risk analysis. After the analysis, management requests that you deploy security controls that will mitigate any of the identified risks. What is risk mitigation?
A. risk that is left over after safeguards have been implemented
B. terminating the activity that causes a risk or choosing an alternative that is not as risky
C. passing the risk on to a third party
D. defining the acceptable risk level the organization can tolerate and reducing the risk to that level
D
Explanation: Risk mitigation is defining the acceptable risk level the organization can tolerate and reducing the risk to that level.
Residual risk is risk that is left over after safeguards have been implemented. Risk avoidance is terminating the activity that causes a risk or choosing an alternative that is not as risky. Risk transfer is passing the risk on to a third party.
You might also like to view...
A file created in Google Docs can be saved as a Word file
Indicate whether the statement is true or false
In a business letter, reference notations include items such as initials, enclosures, and copies
Indicate whether the statement is true or false