BlackFriday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

PECB Exam ISO-IEC-27005-Risk-Manager Topic 1 Question 10 Discussion

Actual exam question for PECB's ISO-IEC-27005-Risk-Manager exam
Question #: 10
Topic #: 1
[All ISO-IEC-27005-Risk-Manager Questions]

Which activity below is NOT included in the information security risk assessment process?

Show Suggested Answer Hide Answer
Suggested Answer: C

The information security risk assessment process, as outlined in ISO/IEC 27005, typically includes identifying risks, assessing their potential impact, and prioritizing them. However, selecting risk treatment options is not part of the risk assessment process itself; it is part of the subsequent risk treatment phase. Therefore, option C is the correct answer as it is not included in the risk assessment process.


Contribute your Thoughts:

Roosevelt
2 months ago
But selecting risk treatment options is a crucial step in managing information security risks.
upvoted 0 times
...
Tu
2 months ago
Ha! This question is a real head-scratcher. I bet the answer is B, prioritizing risks. That's like asking a toddler to do their taxes, am I right?
upvoted 0 times
Justine
12 days ago
I agree with Justine, C seems like the odd one out.
upvoted 0 times
...
Julian
14 days ago
No way, it's definitely C, selecting information security risk treatment options.
upvoted 0 times
...
Felicia
22 days ago
I think the answer is A, determining the risk identification approach.
upvoted 0 times
...
...
Tomoko
2 months ago
Hmm, I'm not so sure. I think C might be the right answer here. Selecting risk treatment options is a crucial step in the process.
upvoted 0 times
Sherly
23 days ago
I agree, C is not included in the information security risk assessment process.
upvoted 0 times
...
Nida
24 days ago
C) Selecting information security risk treatment options
upvoted 0 times
...
Dana
27 days ago
B) Prioritizing risks for risk treatment
upvoted 0 times
...
Meghan
1 months ago
A) Determining the risk identification approach
upvoted 0 times
...
...
Dean
2 months ago
I think the correct answer is A. Determining the risk identification approach is definitely part of the risk assessment process.
upvoted 0 times
Jamika
1 months ago
B) Prioritizing risks for risk treatment
upvoted 0 times
...
Dong
2 months ago
A) Determining the risk identification approach
upvoted 0 times
...
...
Alyce
2 months ago
I disagree, I believe the answer is A) Determining the risk identification approach.
upvoted 0 times
...
Roosevelt
2 months ago
I think the answer is C) Selecting information security risk treatment options.
upvoted 0 times
...

Save Cancel