Certified Information Systems Security Professional (CISSP) — Question 8

The Open Web Application Security Project's (OWASP) Software Assurance Maturity Model (SAMM) allows organizations to implement a flexible software security strategy to measure organizational impact based on what risk management aspect?

Answer options

Correct answer: B

Explanation

The correct answer is B, Risk tolerance, which is the level of risk that an organization is willing to accept while pursuing its objectives. The other options, while related to risk management, do not specifically address the flexibility and measurement of impact that the SAMM framework emphasizes.