As part of a merger with another organization, a Chief Information Security Officer (CISO) is working with an assessor to perform a risk assessment focused on data privacy compliance. The CISO is primarily concerned with the potential legal liability and fines associated with data privacy.
Based on the CISO’s concerns, the assessor will MOST likely focus on:
A . qualitative probabilities.
B . quantitative probabilities.
C . qualitative magnitude.
D . quantitative magnitude.
Answer: D