Questions and Answers
What is the purpose of applying risk assessments in an organization?
To identify, estimate, and prioritize risks to the organization's mission and assets
Which of the following is NOT listed as a potential input for conducting risk assessments?
Non-disclosure agreements with employees
What is the expected output of conducting organization-level risk assessments?
Organizationally-tailored control baselines and Cybersecurity Framework Profiles
Which of the following is an optional task for organizations to complete related to risk assessments?
Signup and view all the answers
In the context of risk assessments, what do 'organizationally-tailored control baselines' refer to?
Signup and view all the answers
What type of information can be obtained from continuous monitoring for use in risk assessments?
Signup and view all the answers
What is the primary purpose of a system-level risk assessment?
Signup and view all the answers
What are the key components of a system-level risk assessment according to the text?
Signup and view all the answers
What is the purpose of prioritizing system assets based on the adverse impact or consequence of asset loss?
Signup and view all the answers
What is the expected output of Task P-13 according to the text?
Signup and view all the answers
Which of the following is NOT a key component of a system-level risk assessment according to the text?
Signup and view all the answers
Which of the following is the MOST accurate description of the purpose of Task P-14, Risk Assessment—System?
Signup and view all the answers
What is the primary purpose of Task P-2, Risk Management Strategy?
Signup and view all the answers
What is the primary function of risk tolerance in the organization's risk management process?
Signup and view all the answers
Which of the following is NOT listed as a potential input of Task P-2, Risk Management Strategy?
Signup and view all the answers
What is the primary purpose of Task P-3, Risk Assessment—Organization?
Signup and view all the answers
Which of the following is NOT a key feature of risk tolerance in the organization's risk management process?
Signup and view all the answers
Which of the following is listed as an expected output of Task P-2, Risk Management Strategy?
Signup and view all the answers