CISM Certified Information Security Manager – Question0440

Which of the following is MOST important to consider when prioritizing threats during the risk assessment process?

A.
The criticality of threatened systems
B. The severity of exploited vulnerabilities
C. The potential impact on operations
D. The capability of threat actors

Correct Answer: A