PrepAway - Latest Free Exam Questions & Answers

The MAJOR advantage of the risk assessment approach ove…

The MAJOR advantage of the risk assessment approach over the baseline approach to information
security management is that it ensures:

PrepAway - Latest Free Exam Questions & Answers

A.
information assets are overprotected.

B.
a basic level of protection is applied regardless of asset value.

C.
appropriate levels of protection are applied to information assets.

D.
an equal proportion of resources are devoted to protecting all information assets.

Explanation:
Full risk assessment determines the level of protection most appropriate to a given level of risk,
while the baseline approach merely applies a standard set of protection regardless of risk. There
is a cost advantage in not overprotecting information. However, an even bigger advantage is
making sure that no information assets are over- or underprotected. The risk assessment approach
will ensure an appropriate level of protection is applied, commensurate with the level of risk and
asset value and, therefore, considering asset value. The baseline approach does not allow more
resources to be directed toward the assets at greater risk, rather than equally directing resources
to all assets.


Leave a Reply