Flashcards focusing on key concepts, definitions, and processes related to risk management.
Risk management involves __________ potential issues, assessing their potential impact, and implementing controls to mitigate them.
identifying
Key concepts of the risk management process include risk identification, risk assessment, __________, and monitoring.
mitigation
Risk appetite and risk tolerance define how much risk an organization is __________ to accept.
willing
Methods such as ad hoc, recurring, one-time, or __________ risk assessments help organizations understand their risks.
continuous
Effective risk management safeguards the organization’s information assets, maintains regulatory compliance, and supports __________ objectives.
strategic
Risk identification methods include vulnerability assessments, penetration testing, and __________ intelligence.
threat
Risk assessment evaluates previously identified risks to determine their __________ impact on the organization.
potential
Quantitative risk assessment assigns __________ values to risk factors.
concrete
Single Loss Expectancy (SLE) is calculated by multiplying the value of the asset by an __________ factor.
exposure
Annualized Loss Expectancy (ALE) is determined by multiplying SLE by the __________ rate of occurrence (ARO).
annualized
Qualitative risk analysis assesses risks based on subjective judgment and __________ factors.
qualitative
Inherent risk is the level of risk before any type of __________ has been attempted.
mitigation
The overall status of risk management is referred to as __________.
risk posture
Risk acceptance means that no countermeasures are put in place because the level of risk does not __________ it.
justify
A risk register shows the results of risk __________ in a comprehensible format.
assessments
Key Risk Indicators (KRIs) are critical predictive indicators used to monitor and predict potential __________.
risks
Expansive, conservative, and neutral are levels of __________ appetite recognized in organizations.
risk
Maximum tolerable downtime (MTD) is the longest period a business function may be down without causing irrecoverable __________.
failure
Recovery Time Objective (RTO) is the period after a disaster that an IT system may remain __________.
offline
Mean Time Between Failures (MTBF) measures the expected lifetime of a __________.
product
Mean Time to Repair (MTTR) represents the time taken to correct a fault so the system is restored to full __________.
operation