Certified Chief Information Security Officer (CCISO) — Question 153

Which of the following is the MOST important goal of risk management?

Answer options

• A. Finding economic balance between the impact of the risk and the cost of the control
• B. Identifying the victim of any potential exploits
• C. Identifying the risk
• D. Assessing the impact of potential threats

Correct answer: A

Explanation

The most crucial goal of risk management is to achieve an economic balance between the risk's impact and the cost of implementing controls, which is reflected in option A. While identifying risks, potential victims, and assessing impacts are important steps in the process, they do not encapsulate the overarching aim of risk management as effectively as finding that balance does.