Monitoring the effectiveness of controls ensures that the implemented controls are working as intended and that the residual risk is still within the acceptable level. This process helps to identify if the controls need to be adjusted, replaced or removed. It is important to have a regular monitoring process in place to detect any changes in the threat environment or business operations that could impact the effectiveness of the controls.
If the residual risk of a business activity is lower than the acceptable risk level, it means that the measures taken to reduce the risk are effective. The best course of action would be to monitor the risk, review the risk management strategy, communicate the results, and continuously improve the risk management strategy. This will help ensure that the risk remains at an acceptable level and the organization is prepared to manage any future risks that may arise.
If the business activity residual risk is lower than the acceptable risk level, there is no need to review the risk probability and impact, as these factors have already been considered in the risk assessment. The focus should instead be on ensuring that the controls put in place to mitigate the risk are effective and continue to be monitored. This is why B is the correct answer.
upvoted 2 times
...
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Broesweelies
Highly Voted 8 months agorichck102
Most Recent 3 months, 2 weeks agojaiz
6 months, 1 week agoaokisan
8 months, 3 weeks agodark_3k03r
4 months, 1 week ago