ISACA IT Risk Fundamentals — Question 5

Which of the following is a KEY contributing component for determining risk rankings to direct risk response?

Answer options

Correct answer: B

Explanation

The severity of a vulnerability is essential because it directly influences the potential impact on the organization, making it a key factor in risk ranking. While the cost of mitigating controls and the maturity of risk management processes are important, they do not assess the actual risk posed by vulnerabilities as effectively as their severity.