ExamGecko
Question list
Search
Search

Question 580 - CISM discussion

Report
Export

A KEY consideration in the use of quantitative risk analysis is that it:

A.
aligns with best practice for risk analysis of information assets.
Answers
A.
aligns with best practice for risk analysis of information assets.
B.
assigns numeric values to exposures of information assets.
Answers
B.
assigns numeric values to exposures of information assets.
C.
applies commonly used labels to information assets.
Answers
C.
applies commonly used labels to information assets.
D.
is based on criticality analysis of information assets.
Answers
D.
is based on criticality analysis of information assets.
Suggested answer: B

Explanation:

A key consideration in the use of quantitative risk analysis is that it assigns numeric values to exposures of information assets, such as the probability of occurrence, the frequency of occurrence, the impact of occurrence, and the monetary value of the assets. These numeric values help to measure and compare the risks in a more objective and consistent way, and to support the decision-making process based on cost-benefit analysis. Quantitative risk analysis also requires reliable and accurate data sources, and it may involve the use of statistical tools and techniques.

Reference= CISM Review Manual, 16th Edition eBook1, Chapter 2: Information Risk Management, Section: Risk Analysis, Subsection: Quantitative Risk Analysis, Page 84.

asked 01/10/2024
Dan Yann
47 questions
User
Your answer:
0 comments
Sorted by

Leave a comment first