Chapter 8 - Risk Evaluation and Mitigation Strategies


Mitigate

Limit the exposure in some way (reducing likelihood or decreasing sensitivity)

Risk Planning

Develops a plan to prioritize, implement, and maintain controls

Items to document

1. Action (avoid, accept, mitigate, transfer)
2. Mitigation/Remediation Plan (dates, owners)
3. Status (draft, review, pending, approval, expired, not active)
4. Risk Description
5. Risk Rating
6. Risk Exception Details

General Categories of Risk Mitigation

1. Risk Alleviation
2. Risk Limitation
3. Risk Planning

Options for Addressing Risk

Avoid, Accept, Mitigate, Transfer

Avoid

Ceasing all activity that is presenting the risk

Risk Alleviation

Implements controls to prevent the threat/vulnerability

Risk Limitation

Limits the likelihood or effects with controls

Accept

Making the formal decision not to do anything and accept the risk as it is

Risk Evaluation

Prioritizing which risks need to be addressed and how.

Transfer

Purchasing insurance to cover a breach

Residual Risk

Remaining risk exposure level after implementing the recommended controls.

