Exam CISM Topic 2 Question 234 Discussion

Actual exam question for ISACA's CISM exam
Question #: 234
Topic #: 2
Which of the following is the MAIN reason for performing risk assessment on a continuous basis'?

Suggested Answer: C Vote an answer

Section: INFORMATION RISK MANAGEMENT
Explanation:
The risk environment is impacted by factors such as changes in technology, and business strategy. These changes introduce new threats and vulnerabilities to the organization. As a result, risk assessment should be performed continuously. Justification of a budget should never be the main reason for performing a risk assessment. New vulnerabilities should be managed through a patch management process. Informing management about emerging risks is important, but is not the main driver for determining when a risk assessment should be performed.

by Renata at Dec 02, 2024, 06:06 PM

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Nick name: Submit Cancel
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

0
0
0
10