GIAC Security Leadership Certification (GSLC) — Question 24

When conducting a risk assessment to meet specific compliance requirements, which approach is most effective?

Answer options

• A. Control-focused
• B. Risk-based
• C. Threat-based
• D. Maturity-focused

Correct answer: B

Explanation

The risk-based approach is most effective because it prioritizes the identification and assessment of risks based on their potential impact and likelihood, aligning with compliance needs. Control-focused, threat-based, and maturity-focused methods do not address risks directly in the context of compliance, making them less suitable for this specific purpose.