Risk Flashcards

1
Q

Define Risk Acceptance.

A

Risk acceptance is the decision to retain a risk and not take any action to mitigate it. This is usually done when the cost of mitigation is greater than the potential loss from the risk.

2
Q

What is Risk Transference?

A

Risk transference is the transfer of risk to another party, such as an insurance company.

3
Q

Define Risk Deterrence.

A

Risk deterrence is the attempt to discourage a threat actor from carrying out a risky action. This can be done through a variety of methods, such as security awareness training, physical security measures, and legal deterrents.

4
Q

What is Risk Avoidance?

A

Risk avoidance is the elimination of a risk by preventing the underlying cause from occurring. This is the most effective way to manage risk, but it is not always possible.

5
Q

What is a Risk Register?

A

A risk register is a document containing detailed information on potential cybersecurity risks.

6
Q

What is a Risk Heat Map?

A

A risk heat map is an assessment tool used for prioritizing the severity of different risks.

7
Q

Define Inherent Risk.

A

Inherent risk is the risk that exists before any controls are put in place to mitigate it. It is the natural level of risk associated with an activity or process.

8
Q

What is Residual Risk?

A

Residual risk is the risk that remains after controls have been put in place to mitigate inherent risk. It is the difference between the inherent risk and the effectiveness of the controls.

9
Q

What is a Quantitative Risk Assessment?

A

Quantitative risk assessment is a method of assessing risk by assigning monetary values to the potential losses.

10
Q

What is ARO?

A

The Annual Rate of Occurrence is the expected number of times a risk will occur in a one-year period.

11
Q

What is SLE?

A

The Single Loss Expectancy is the expected monetary loss from a single occurrence of a risk. It is calculated by multiplying the asset value (AV) by the exposure factor (EF).

12
Q

What is ALE?

A

The Annual Loss Expectancy is the expected monetary loss from a risk over a one-year period. It is calculated by multiplying the single loss expectancy (SLE) by the annual rate of occurrence (ARO).
