What is the BEST description of risk reduction?
A.
Assuming all costs associated with the risk internally
B.
Assigning any costs associated with risk to a third party
C.
Removing all risk to the enterprise at any cost
D.
Altering elements of the enterprise in response to a risk analysis
Explanation:
The correct answer is “Altering elements of the enterprise in response to a risk analysis”. Answer
“Removing all risk to the enterprise at any cost” is not possible or desirable, “Assigning any costs
associated with risk to a third party” is risk transference, and “Assuming all costs associated with the
risk internally” is risk acceptance.