Certified Cloud Security Professional (CCSP) — Question 397
Upon completing a risk analysis, a company has four different approaches to addressing risk. Which approach it takes will be based on costs, available options, and adherence to any regulatory requirements from independent audits.
Which of the following groupings correctly represents the four possible approaches?
Answer options
- A. Accept, avoid, transfer, mitigate
- B. Accept, deny, transfer, mitigate
- C. Accept, deny, mitigate, revise
- D. Accept, dismiss, transfer, mitigate
Correct answer: A
Explanation
The correct answer is A, which includes the standard risk management strategies: accept, avoid, transfer, and mitigate. Options B and C introduce 'deny' and 'revise,' which are not recognized risk management approaches. Option D uses 'dismiss' instead of 'avoid,' which also does not align with standard practices.