Before final acceptance of residual risk, what is the BEST way for an information security manager to address risk factors determined to be lower than acceptable risk levels?

CISM V1 0 Comments

Before final acceptance of residual risk, what is the BEST way for an information security manager to address risk factors determined to be lower than acceptable risk levels?
A . Implement more stringent countermeasures.
B . Evaluate whether an excessive level of control is being applied.
C . Ask senior management to increase the acceptable risk levels
D . Ask senior management to lower the acceptable risk levels.

Answer: B

Latest CISM Dumps Valid Version with 1327 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download CISM PDF     CISM Questions Online Training
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments