Which of the following is the MAIN reason for performing risk assessment on a continuous basis’?

Which of the following is the MAIN reason for performing risk assessment on a continuous basis’?

Which of the following is the MAIN reason for performing risk assessment on a continuous basis’?

A.
Justification of the security budget must be continually made.

B.
New vulnerabilities are discovered every day.

C.
The risk environment is constantly changing.

D.
Management needs to be continually informed about emerging risks.

Explanation:

The risk environment is impacted by factors such as changes in technology, and business
strategy. These changes introduce new threats and vulnerabilities to the organization. As a result,
risk assessment should be performed continuously. Justification of a budget should never be the
main reason for performing a risk assessment. New vulnerabilities should be managed through a
patch management process. Informing management about emerging risks is important, but is not
the main driver for determining when a risk assessment should be performed.



Leave a Reply 0

Your email address will not be published. Required fields are marked *