CISM Certified Information Security Manager – Question0378

Which of the following is the MOST important reason for performing a risk analysis?

A.
Assigning the appropriate level of protection
B. Identifying critical information assets
C. Identifying and eliminating threats
D. Promoting increased security awareness in the organization

Correct Answer: A