Chapter 1 quiz question/answer

By Logan Mullet

List and describe the four main choices of action when a security risk is found.

  1. Do nothing. This is a very poor decision, it is banking on the fact that they risk will not effect you. It is the security equivalent of riding a motorcycle with no helmet- if nothing happens you are fine. But if there is a problem, then you are in a world of hurt.

  2. Accept the risk. This is similar to doing nothing, but first doing research. After investigation, if it appears that taking the risk and dealing with the aftermath would be cheaper and easier than implementing preventative measures, then it may be appropriate to accept the risk.

  3. Transfer the risk. This often involves buying a type of insurance to cover the risk. It will provide coverage if the risk were to happen, but it merely shifts the problem to another entity, the insurance provider. Depending on the nature of the risk, this may be a cheap solution.

  4. Mitigate the risk. This is the most robust choice. Resources will be spent in both trying to minimize the chance of the risk happening as well as being prepared if the risk were to happen. It is a similar idea to moving to a place that does not have tornadoes often, but having a plan and supplies just in case a tornado does occur.
Topic revision: r2 - 2014-02-05 - JimSkon
This site is powered by the TWiki collaboration platformCopyright &© by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback