You are the risk official of your enterprise. Your enterprise takes important decisions without
considering risk credential information and is also unaware of external requirements for risk
management and integration with enterprise risk management. In which of the following risk
management capability maturity levels does your enterprise exists?
A.
Level 1
B.
Level 0
C.
Level 5
D.
Level 4
Explanation:
0 nonexistent: An enterprise’s risk management capability maturity level is 0 when:
The enterprise does not recognize the need to consider the risk management or the business
impact from IT risk.
Decisions involving risk lack credible information.
Awareness of external requirements for risk management and integration with enterprise risk
management (ERM) do not exists.
These all are much higher levels of the risk management capability maturity model and in all these
enterprise do take decisions considering the risk credential information. Moreover, in these levels
enterprise is aware of external requirements for risk management and integrate with ERM.