PrepAway - Latest Free Exam Questions & Answers

Which of the following risk handling technique involves…

Which of the following risk handling technique involves the practice of passing on the risk to another entity,
such as an insurance company?

PrepAway - Latest Free Exam Questions & Answers

A.
Risk Mitigation

B.
Risk Acceptance

C.
Risk Avoidance

D.
Risk transfer

Explanation:
Many types of insurance are available to companies to protect their assets. If a company decides the total risk
is too high to gamble with, it can purchase insurance, which would transfer the risk to the insurance company.
Incorrect Answers:
A: Risk mitigation is where controls or countermeasures are implemented to ensure the risk is reduced to a
level considered acceptable enough to continue conducting business. This is not the practice of passing on the
risk to another entity, such as an insurance company.
B: Risk acceptance means the company understands the level of risk it is faced with, as well as the potential
cost of damage, and decides to just live with it and not implement the countermeasure. This is not the practice
of passing on the risk to another entity, such as an insurance company.
C: Risk avoidance is where a company removes a risk or does not implement something that could introduce a
risk. For example, by disabling a service or removing an application deemed to be a risk or not implementing
them in the first place. This is not the practice of passing on the risk to another entity, such as an insurance
company.

Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, New York, 2013, pp. 97-98


Leave a Reply