CISM Certified Information Security Manager – Question0242

Which of the following is MOST essential for a risk management program to be effective?

A.
Flexible security budget
B. Sound risk baseline
C. New risks detection
D. Accurate risk reporting

Correct Answer: C

Explanation:

Explanation: All of these procedures are essential for implementing risk management. However, without identifying new risks, other procedures will only be useful for a limited period.