CRISC Certified in Risk and Information Systems Control – Question663

Risk mitigation procedures should include:

A. buying an insurance policy.
B. acceptance of exposures.
C. deployment of countermeasures.
D. enterprise architecture implementation

Correct Answer: C