TOGAF Enterprise Architecture Practitioner — Question 24

What are the following activities part of?

Initial risk assessment -
Risk mitigation and residual risk assessment
Risk monitoring

Answer options

• A. Risk Management
• B. Phase C
• C. Phase A
• D. Security Architecture

Correct answer: A

Explanation

The correct answer is A, Risk Management, as the activities listed are all integral parts of the risk management process. Options B and C, Phase C and Phase A, do not encompass these activities as comprehensively as Risk Management does. Option D, Security Architecture, is more focused on the design and implementation of security measures rather than the assessment and management of risks.