Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

PECB Exam ISO-IEC-27005-Risk-Manager Topic 3 Question 17 Discussion

Actual exam question for PECB's ISO-IEC-27005-Risk-Manager exam
Question #: 17
Topic #: 3
[All ISO-IEC-27005-Risk-Manager Questions]

According to ISO/IEC 27005, what is the output of the documentation of risk management processes?

Show Suggested Answer Hide Answer
Suggested Answer: B

According to ISO/IEC 27005, the output of the documentation of risk management processes should include detailed information about the results of the risk assessment and the chosen risk treatment options. This ensures transparency and provides a clear record of the decision-making process related to information security risk management. Therefore, option B is the correct answer.


Contribute your Thoughts:

Margart
1 months ago
Haha, this is a trick question! The answer is obviously A. Who cares about the results when you can have all the knowledge about the processes? That's what the examiners want to see.
upvoted 0 times
...
Johnna
1 months ago
Hmm, I'm not so sure. Option C looks quite comprehensive to me. Covering the necessary information for the whole process seems more important than just the results.
upvoted 0 times
Carey
12 days ago
User 3: But option B also mentions documented information about the results.
upvoted 0 times
...
Annelle
14 days ago
User 2: I agree, having all the necessary information for the process is crucial.
upvoted 0 times
...
Frank
20 days ago
User 1: I think option C is the best choice.
upvoted 0 times
...
...
Cheryl
1 months ago
I think the correct answer is B. The ISO/IEC 27005 standard clearly states that the output should be the documented information about the risk assessment and treatment results.
upvoted 0 times
Craig
1 days ago
User 2: I agree, the standard does mention documented information about the risk assessment and treatment results.
upvoted 0 times
...
Bronwyn
14 days ago
User 1: I think the correct answer is B.
upvoted 0 times
...
...
Jesusita
1 months ago
I believe it could also be C) Documented information that is necessary for the effectiveness of the information security risk assessment or risk treatment processes. It's important to have all necessary information for the processes to be effective.
upvoted 0 times
...
Melinda
1 months ago
I agree with Huey. Having documented information about the results is crucial for assessing and treating risks effectively.
upvoted 0 times
...
Huey
2 months ago
I think the output is B) Documented information about the information security risk assessment and treatment results.
upvoted 0 times
...

Save Cancel