Certified Cloud Security Professional (CCSP) — Question 465

Which of the following is a valid risk management metric?

Answer options

• A. KPI
• B. KRI
• C. SOC
• D. SLA

Correct answer: B

Explanation

The correct answer is B, KRI, which stands for Key Risk Indicator and is specifically designed to measure potential risks in an organization. The other options, such as KPI (Key Performance Indicator), SOC (System and Organization Controls), and SLA (Service Level Agreement), serve different purposes and are not primarily focused on risk management.