ISA/IEC 62443 Cybersecurity Fundamentals Specialist — Question 87

What is the formula for calculating risk?

Answer options

• A. Risk = Likelihood + Consequence
• B. Risk = Threat - Vulnerability × Consequence
• C. Risk = Threat + Vulnerability + Consequence
• D. Risk = Threat × Vulnerability × Consequence

Correct answer: D

Explanation

The correct answer is D, as risk is determined by multiplying the threat, vulnerability, and consequence, reflecting the potential impact of a security incident. Options A, B, and C do not accurately represent the relationship between these factors in risk assessment, as they involve incorrect operations or omit critical components.