During a code review a software developer discovers a security risk that may result in hundreds of hours of rework. The security team has classified these issues as
low risk. Executive management has decided that the code will not be rewritten. This is an example of:
A.
Risk avoidance
B.
Risk transference
C.
Risk mitigation
D.
Risk acceptance
Risk avoidance
0
3
They have accepted the risk and decided to not to rewrite the code, so risk acceptance
3
0