What does it mean that a risk should be accepted based on cost, pain, and visibility?
What does it mean that a risk should be accepted based on cost, pain, and visibility?
Which of the following is incorrect pertaining to this value?
In risk assessments and analysis, the frequency of a threat needs to be estimated. The value that is used is usually the annualized rate of occurrence. Which of the following is incorrect pertaining to this value?
Why is it important to get the right level of individuals involved in a risk analysis?
Why is it important to get the right level of individuals involved in a risk analysis?
What is the danger of not doing this?
Sam and David have not carried out proper project sizing and they are halfway through their risk analysis. What is the danger of not doing this?
Which of the following lists these items?
A proper risk analysis has specific steps and objectives that it needs to accomplish. Which of the following lists these items?
Who sets the acceptable risk level for an organization?
Who sets the acceptable risk level for an organization?
What is the purpose of an IRM policy?
What is the purpose of an IRM policy?
What is the main purpose of information risk management?
What is the main purpose of information risk management?
Which answer below contains all of the proper sections?
The ISO 17799 is broken down into 10 different sections. Which answer below contains all of the proper sections?
Which of the following best describes ISO 17799 and BS 7799?
Which of the following best describes ISO 17799 and BS 7799?