Which of the following should be determined while defining risk management strategies?

Which of the following should be determined while defining risk management strategies?

Which of the following should be determined while defining risk management strategies?

A.
Risk assessment criteria

B.
Organizational objectives and risk appetite

C.
IT architecture complexity

D.
Enterprise disaster recovery plans

Explanation:

While defining risk management strategies, one needs to analyze the organization’s objectives
and risk appetite and define a risk management framework based on this analysis. Some
organizations may accept known risks, while others may invest in and apply mitigation controls to

reduce risks. Risk assessment criteria would become part of this framework, but only after proper
analysis. IT architecture complexity and enterprise disaster recovery plans are more directly
related to assessing risks than defining strategies.

Show Hint

Leave a Reply 0

Your email address will not be published. Required fields are marked *