Certified Information Security Manager Exam Questions

Isaca

Certified Information Security Manager

422 / 500

Question 422:

The MOST likely reason to use qualitative security risk assessments instead of quantitative methods is when:

Answer options:

A. an organization provides services instead of hard goods.
B. a security program requires independent expression of risks.
C. available data is too subjective.
D. a mature security program is in place.

Add to favourites