Which of the following would be of GREATEST importance to the security manager in determining whether to accept residual risk?

Last Updated on December 20, 2021 by Admin 2

Which of the following would be of GREATEST importance to the security manager in determining whether to accept residual risk?

  • Historical cost of the asset
  • Acceptable level of potential business impacts
  • Cost versus benefit of additional mitigating controls
  • Annualized loss expectancy (ALE)
Explanation:
The security manager would be most concerned with whether residual risk would be reduced by a greater amount than the cost of adding additional controls. The other choices, although relevant, would not be as important.
0 0 votes
Article Rating
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments