Skillset can help you prepare! Sign up for your free Skillset account and take the first steps towards your certification.
When assessing information systems, what is the initial aspect that should be reviewed?
The threats/vulnerabilities affecting the assets.
The automated or manual methods for monitoring the risk related to the assets.
The adequacy of controls already in place.
The antivirus definitions are up to date.
One of the key factors to be considered while assessing the risk related to the use of various information systems is the threats and vulnerabilities affecting the assets. The risk related to the use of information assets should be evaluated in isolation from the installed controls. Similarly, the effectiveness of the controls should be considered during the risk mitigation stage and not during the risk assessment phase. A mechanism to continuously monitor the risk related to assets should be put in place during the risk monitoring function that follows the risk assessment phase.
Study thousands of practice questions that organized by skills and ranked by difficulty.
Create a tailored training plan based on the knowledge you already possess.
Know when you’re ready for the high-stakes exam. Have the confidence that you will pass on your first attempt.