Security Management Risk Assessment

Question 1

What is risk defined as?

Answer 1

The possibility that human actions or events can lead to consequences

Question 2

Risk is assessed via a mixture of two things, which are?

Answer 2

The possibility of the risk occurring and the damage it would deal if it were to occur

Question 3

What is risk capacity?

Answer 3

The amount of risk that could take place before the business goes bankrupt or goes down

Question 4

What is risk appetite?

Answer 4

The business has to take some amount of risk at the very least, and this target risk that would be preferred is the risk appetite

Question 5

What is risk exposure?

Answer 5

The amount of actual risk that the business exposes itself to in real time

Question 6

Where is risk exposure compared to risk appetite typically?

Answer 6

Usually, risk exposure goes up and down fluctuating around the risk appetite

Question 7

What is risk tolerance?

Answer 7

Risk tolerance is the maximum amount of risk that the business is willing to expose themselves to

Question 8

What is operational risk?

Answer 8

Operational risk is the risk of less resulting from inadequate or failed internal processes, people and systems

Question 9

What is the order of the risk management process?

Answer 9

Risk identification, risk analysis, risk evaluation, risk treatment, risk acceptance

Question 10

What are the three lines of defence in security management?

Answer 10

There are the management controls as the first line, then financial controls, security and risk management as the second line, then the internal audit as the final line

Question 11

What is a risk grid?

Answer 11

A grid showing the comparable likelihood of certain risks and their impact