Part 1 mitigation

Question 1

What does this stage of the lifecycle do?

Answer 1

Addresses actions taken to reduce the probability that the loss represented by the risk will occur

Question 2

Mitigation doesn’t mean removing risk completely. But rather to

Answer 2

Make risk outcomes less intense or severe

Question 3

Examples of mitigation….

Answer 3

Increased scrutiny
Four eyes checks
Accounting standards
Establishing default credit probabilities
Close monitoring of contracts
Mandatory training
Managing technology threats against the organisation

Question 4

What is risk sharing ?

Answer 4

Sharing with another party the benefit of loss or the benefit of gain

Question 5

Risk avoidance…

Answer 5

Withdrawing from a business because of an unacceptable level of risk / deciding not to take on new business

Question 6

Risk acceptance…

Answer 6

Risk has been examined and assessed

Question 7

Techniques to mitigate risk:

Answer 7

Avoidance
Sharing
Transfer 
Acceptance 
Retention
Control measures

Question 8

Detective controls : what Are internal detective controls and what are external?

Answer 8

INTERNAL: trap errors after they have occurred but before a potential loss is realised in the outside world

EXTERNAL: detect the effects

Question 9

What are the 2 mitigation controls ?

Answer 9

Preventative controls

Detective controls