Which of the following risk management strategies has the organization employed?

8 thoughts on “Which of the following risk management strategies has the organization employed?”

1. agree with Sandman’s explanation.

   Reply

2. trickyQuestion
   {
   the company use

   “3rd parity”

   for background checks to Mitigate risk throw employment screening (employment background screening).

   };

   4

   Reply

3. Nothing here mentions contracts to transfer the risk. Policies and procedures are revised. Mitigate the risk as there is no transfer of risk.

   Reply

   1. Can background checks even be a transfer of risk? https://riskmitigation.us/pages/about

      Reply

4. From Sybex CAS-003 book:
   Transfer To transfer the risk is to deflect it to a third party. For example, insurance is obtained.

   Mitigate To mitigate the risk means that a control is used to reduce the risk. For example, installing a firewall is one method in which risk can be mitigated.

   So A.

   Reply

5. Answer is A.

   Reply

6. The risk is defined as “improper implementation of the procedures”

   A – Incorrect – Transfer means to take pass the risk to someone else, the “risk” of not implementing the revised procedures still belongs to the company, (i.e. having an inappropriate employee on-boarded) so you haven’t transferred the risk. To transfer, you would have to ensure that the 3rd party accepted liability for any damage to your company for the improper implementation, this isn’t mentioned in the question, so it doesn’t exist.
   B – Correct – You have done something to improve the situation and reduce the risk.
   C – Incorrect – You have made changes with the intention of improving the situation, so you didn’t accept.
   D – Incorrect – You are still conducting the activity. Avoiding it means not doing it.
   E – Reject – This is not an optional risk, so you cannot reject.

   3

   1

   Reply

7. Should be A. Transfer – “Use a third-party to perform background checks on all new employees”

   1

   Reply