A. Reassess the risk on a regular basis
AIO
Page 179
"After an organization accepts a risk, instead of closing the matter for perpetuity, it should review the risk at least annually (or after a significant event that would change the conditions surrounding the accepted risk) for the following reasons:
• The value of the asset may have changed during the year.
• The value of the business activity related to the asset may have changed during the year. • The potency of threats may have changed during the year, potentially leading to a higher risk rating.
• The cost of mitigation may have changed during the year, potentially leading to greater feasibility for risk mitigation or transfer."
A. Reassess the risk on a regular basis.
Once a risk has been accepted, it is essential to periodically reassess the risk. This is because the risk environment and context can change over time, and what might have been an acceptable risk at one point may no longer be acceptable in the future. Regular reassessment allows organizations to stay informed about the current status of accepted risks and make adjustments as necessary. Therefore, option A is the correct answer.
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Jess20
1 month, 2 weeks agooluchecpoint
4 months, 1 week agorichck102
6 months, 3 weeks ago