Certified Information Systems Security Professional (CISSP) — Question 225

What are the essential elements of a Risk Assessment Report (RAR)?

Answer options

• A. Executive summary, body of the report, and appendices
• B. Executive summary, graph of risks, and process
• C. Table of contents, testing criteria, and index
• D. Table of contents, chapters, and executive summary

Correct answer: A

Explanation

The correct answer is A because a comprehensive Risk Assessment Report should include an executive summary to provide an overview, a detailed body to present the findings, and appendices for additional information. Options B, C, and D include components that do not fully capture the essential elements needed for a complete RAR.