CompTIA SecurityX (CAS-005) — Question 59

The Chief Information Security Officer of a large multinational organization has asked the security risk manager to use risk scenarios during a risk analysis. Which of the following is the most likely reason for this approach?

Answer options

• A. To connect risks to business objectives
• B. To ensure a consistent approach to risk
• C. To present a comprehensive view of risk
• D. To provide context to the relevancy of risk

Correct answer: D

Explanation

The correct answer is D because using risk scenarios helps to illustrate how risks are relevant to specific business contexts, making it easier to understand their impact. Options A, B, and C are related but do not capture the importance of context in understanding risk significance.