A risk control strategy that indicates the organization iswilling to accept the current level of risk and that the organization makes a conscious decisionto do nothing to protect an information asset from risk and to accept the outcome from anyresulting exploitation.
A)defense risk control strategy
B)mitigation risk control strategy
C)acceptance risk control strategy
D)termination risk control strategy
E)risk appetite
F)cost-benefit analysis
G)cost avoidance
H)asset valuation
I)organizational feasibility
J)single loss expectancy

Question

Quizplus · Accepted Answer

The acceptance risk control strategy indicates that the organization is aware of the risk, but willingly chooses to do nothing to protect the information asset and accept any potential outcomes. This strategy may be appropriate when the cost of mitigating the risk exceeds the potential impact of a data breach or other security incident.

A Risk Control Strategy That Indicates the Organization Iswilling to Accept