CompTIA Security+ (SY0-701) — Question 499

A company is considering an expansion of access controls for an application that contractors and internal employees use to reduce costs. Which of the following risk elements should the implementation team understand before granting access to the application?

Answer options

• A. Threshold
• B. Appetite
• C. Avoidance
• D. Register

Correct answer: B

Explanation

Understanding the risk appetite is crucial as it reflects the level of risk the organization is willing to accept when granting access. The other options, such as Threshold, Avoidance, and Register, do not directly relate to the organization's willingness to accept risk in the context of access control.