BlackFriday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

GAQM Exam ISO-31000-CLA Topic 4 Question 5 Discussion

Actual exam question for GAQM's ISO-31000-CLA exam
Question #: 5
Topic #: 4
[All ISO-31000-CLA Questions]

Which step is the last part of the risk assessment process, which started with risk identification then moved to risk assessment, and finally risk evaluation?

Show Suggested Answer Hide Answer
Suggested Answer: A

the last step of the risk assessment process, which starts with risk identification, moves to risk assessment, and finally risk evaluation, is Risk evaluation.

Risk evaluation involves comparing the estimated level of risk against the risk criteria established during the risk assessment phase, to determine the significance of the risk and whether it is acceptable or not. This decision is made in consultation with stakeholders, who may provide additional context and information to inform the decision.

The American Society for Quality (ASQ) describes risk evaluation as 'the process of comparing an estimated risk against given risk criteria to determine the acceptability of the risk.' [1]

Similarly, ISO/IEC 27001:2013 (Information technology --- Security techniques --- Information security management systems --- Requirements) defines risk evaluation as 'the process of comparing the estimated risk against given risk criteria in order to determine the significance of the risk.' [2]


by Glenna at Nov 17, 2024, 03:55 AM

Limited Time Offer

25%

Off

Get Premium ISO-31000-CLA Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!


Save Cancel