PECB Exam ISO-IEC-27005-Risk-Manager Topic 1 Question 20 Discussion

Actual exam question for PECB's ISO-IEC-27005-Risk-Manager exam

Question #: 20
Topic #: 1

[All ISO-IEC-27005-Risk-Manager Questions]

According to CRAMM methodology, how is risk assessment initiated?

ABy gathering information on the system and identifying assets within the scope

BBy identifying the security risks

CBy determining methods and procedures for managing risks

Show Suggested Answer

Suggested Answer: A

According to the CRAMM (CCTA Risk Analysis and Management Method) methodology, risk assessment begins by collecting detailed information on the system and identifying all assets that fall within the defined scope. This foundational step ensures that the assessment is comprehensive and includes all relevant assets, which could be potential targets for risk. This makes option A the correct answer.

by Natalie at Apr 09, 2025, 10:08 AM

Limited Time Offer

25%

Off

Get Premium ISO-IEC-27005-Risk-Manager Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Silvana

3 days ago

I think gathering information on the system and identifying assets within the scope is the way to initiate risk assessment. It's like building a strong foundation before tackling the risks.

upvoted 0 times

...