Certified Information Systems Security Professional (CISSP) — Question 47

What type of risk is related to the sequences of value-adding and managerial activities undertaken in an organization?

Answer options

• A. Control risk
• B. Demand risk
• C. Supply risk
• D. Process risk

Correct answer: D

Explanation

The correct answer is Process risk, as it specifically relates to the potential issues arising from the sequence of activities that add value and are managed within an organization. Control risk, Demand risk, and Supply risk do not directly address the internal processes that influence the value chain.