ISA/IEC 62443 Cybersecurity Fundamentals Specialist — Question 73

What are the two elements of the risk analysis category of an IACS?

Answer options

• A. Risk evaluation and risk identification
• B. Business rationale and risk reduction and avoidance
• C. Business rationale and risk identification and classification
• D. Business recovery and risk elimination or mitigation

Correct answer: C

Explanation

The correct answer is C, as it encompasses both the business rationale and the processes involved in identifying and classifying risks. Options A and B do not include the classification aspect, while D focuses on recovery and mitigation rather than analysis.