PrepAway - Latest Free Exam Questions & Answers

A risk management approach to information protection is:

A risk management approach to information protection is:

PrepAway - Latest Free Exam Questions & Answers

A.
managing risks to an acceptable level, commensurate with goals and objectives.

B.
accepting the security posture provided by commercial security products.

C.
implementing a training program to educate individuals on information protection and risks.

D.
managing risk tools to ensure that they assess all information protection vulnerabilities.

Explanation:

Risk management is identifying all risks within an organization, establishing an acceptable level of
risk and effectively managing risks which may include mitigation or transfer. Accepting the
security- posture provided by commercial security products is an approach that would be limited to
technology components and may not address all business operations of the organization.
Education is a part of the overall risk management process. Tools may be limited to technology
and would not address non-technology risks.


Leave a Reply