Certified Cloud Security Professional (CCSP) — Question 342

Which of the following is not a risk management framework?

Answer options

• A. COBIT
• B. Hex GBL
• C. ISO 31000:2009
• D. NIST SP 800-37

Correct answer: B

Explanation

Hex GBL is not recognized as a risk management framework, while COBIT, ISO 31000:2009, and NIST SP 800-37 are established frameworks used for managing risks in various contexts.