TOGAF 9 Combined Part 1 and Part 2 — Question 36

Which of the following best describes the meaning of "Initial Level of Risk" in Risk Management?

Answer options

• A. The categorization after implementation of mitigating actions
• B. The categorization after initial risk assessment
• C. The categorization after mitigation and residual risk assessment
• D. The categorization before determining and implementing mitigating actions
• E. The categorization before risk identification

Correct answer: D

Explanation

The correct answer, D, refers to the categorization of risks before any mitigating actions are taken, which is essential for understanding the baseline risk level. Options A, B, and C describe stages after some level of risk management actions have been implemented, while option E pertains to the stage of risk identification, which comes before risk assessment.