
PECB Exam ISO-IEC-27005-Risk-Manager Topic 1 Question 16 Discussion

Actual exam question for PECB's ISO-IEC-27005-Risk-Manager exam
Question #: 16
Topic #: 1

Which statement regarding information gathering techniques is correct?

Suggested Answer: C

ISO/IEC 27005 advises that even after risks have been treated, any residual risks should be continuously monitored and reviewed. This is necessary to ensure that they remain within acceptable levels and that any changes in the internal or external environment do not escalate the risk beyond acceptable thresholds. Monitoring also ensures that the effectiveness of the controls remains adequate over time. Option A is incorrect because all risks, including those meeting the risk acceptance criteria, should be monitored. Option B is incorrect because monitoring is necessary regardless of the perceived severity of a risk if it occurs, so that changes are detected early.

