5.2 Explain elements of the risk management process

Description and Tags

Flashcards focusing on key concepts, definitions, and processes related to risk management.

Last updated 12:22 AM on 4/21/26

21 Terms

1

Risk management involves __________ potential issues, assessing their potential impact, and implementing controls to mitigate them.

identifying

2

Key concepts of the risk management process include risk identification, risk assessment, __________, and monitoring.

mitigation

3

Risk appetite and risk tolerance define how much risk an organization is __________ to accept.

willing

4

Methods such as ad hoc, recurring, one-time, or __________ risk assessments help organizations understand their risks.

continuous

5

Effective risk management safeguards the organization’s information assets, maintains regulatory compliance, and supports __________ objectives.

strategic

6

Risk identification methods include vulnerability assessments, penetration testing, and __________ intelligence.

threat

7

Risk assessment evaluates previously identified risks to determine their __________ impact on the organization.

potential

8

Quantitative risk assessment assigns __________ values to risk factors.

concrete

9

Single Loss Expectancy (SLE) is calculated by multiplying the value of the asset by an __________ factor.

exposure

10

Annualized Loss Expectancy (ALE) is determined by multiplying SLE by the __________ rate of occurrence (ARO).

annualized

11

Qualitative risk analysis assesses risks based on subjective judgment and __________ factors.

qualitative

12

Inherent risk is the level of risk before any type of __________ has been attempted.

mitigation

13

The overall status of risk management is referred to as __________.

risk posture

14

Risk acceptance means that no countermeasures are put in place because the level of risk does not __________ it.

justify

15

A risk register shows the results of risk __________ in a comprehensible format.

assessments

16

Key Risk Indicators (KRIs) are critical predictive indicators used to monitor and predict potential __________.

risks

17

Expansive, conservative, and neutral are levels of __________ appetite recognized in organizations.

risk

18

Maximum tolerable downtime (MTD) is the longest period a business function may be down without causing irrecoverable __________.

failure

19

Recovery Time Objective (RTO) is the period after a disaster that an IT system may remain __________.

offline

20

Mean Time Between Failures (MTBF) measures the expected lifetime of a __________.

product

21

Mean Time to Repair (MTTR) represents the time taken to correct a fault so the system is restored to full __________.

operation