You have identified several risks in your project. You have opted for risk mitigation in order to
respond to identified risk. Which of the following ensures that risk mitigation method that you have
chosen is effective?
A.
Reduction in the frequency of a threat
B.
Minimization of inherent risk
C.
Reduction in the impact of a threat
D.
Minimization of residual risk
Explanation:
The inherent risk of a process is a given and cannot be affected by risk reduction or risk mitigation
efforts. Hence it should be reduced as far as possible.
Answer D is incorrect. The objective of risk reduction is to reduce the residual risk to levels below
the enterprise’s risk tolerance level.
Answer A is incorrect. Risk reduction efforts can focus on either avoiding the frequency of the risk
or reducing the impact of a risk.
Answer C is incorrect. Risk reduction efforts can focus on either avoiding the frequency of the risk
or reducing the impact of a risk.