When performing a quantitative risk analysis, which of the following is MOST important to estimate the potential loss?

Posted by: Pdfprep Category: CISM Tags: , ,

When performing a quantitative risk analysis, which of the following is MOST important to estimate the potential loss?
A . Evaluate productivity losses
B . Assess the impact of confidential data disclosure
C . Calculate the value of the information or asset
D . Measure the probability of occurrence of each threat

Answer: C

Explanation:

Calculating the value of the information or asset is the first step in a risk analysis process to determine the impact to the organization, which is the ultimate goal. Determining how much productivity could be lost and how much it would cost is a step in the estimation of potential risk process. Knowing the impact if confidential information is disclosed is also a step in the estimation of potential risk. Measuring the probability of occurrence for each threat identified is a step in performing a threat analysis and therefore a partial answer.

Leave a Reply

Your email address will not be published.