Weekend Sale Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: ac4s65

During a periodic internal audit, a company identifies a few new, critical security controls that...

CompTIA CAS-005 Full Course Access
CompTIA CAS-005 View All Questions

During a periodic internal audit, a company identifies a few new, critical security controls that are missing. The company has a mature risk management program in place, and the following requirements must be met:

The stakeholders should be able to see all the risks.

The risks need to have someone accountable for them.

Which of the following actions should the GRC analyst take next?

A.

Add the risk to the risk register and assign the owner and severity.

B.

Change the risk appetite and assign an owner to it.

C.

Mitigate the risk and change the status to accepted.

D.

Review the risk to decide whether to accept or reject it.

CAS-005 PDF/Engine
  • Printable Format
  • Value of Money
  • 100% Pass Assurance
  • Verified Answers
  • Researched by Industry Experts
  • Based on Real Exams Scenarios
  • 100% Real Questions
buy now CAS-005 pdf
Get 65% Discount on All Products, Use Coupon: "ac4s65"
Next
A cybersecurity architect seeks to improve vulnerability management and orchestrate a large number of vulnerability...
A security engineer wants to reduce the attack surface of a public-facing containerized application Which...
Previous