Certified Secure Software Lifecycle Professional (CSSLP) — Question 28
Fred is the project manager of the CPS project. He is working with his project team to prioritize the identified risks within the CPS project. He and the team are prioritizing risks for further analysis or action by assessing and combining the risks probability of occurrence and impact. What process is Fred completing?
Answer options
- A. Risk identification
- B. Risk Breakdown Structure creation
- C. Perform qualitative analysis
- D. Perform quantitative analysis
Correct answer: A
Explanation
Fred is engaged in the process of Risk identification, where he and his team assess and prioritize potential risks to the project. The other options refer to different aspects of risk management; for instance, Perform qualitative analysis involves evaluating risks based on their impact and likelihood, while Perform quantitative analysis focuses on numerical evaluation of risks.