Question
8. Under the NIST SP 800 30 framework, _______ refers to the magnitude of harm that could be caused by a threats exercise of vulnerability.
8. Under the NIST SP 800 30 framework, _______ refers to the magnitude of harm that could be caused by a threats exercise of vulnerability.
9. Six risk-mitigation strategies include __________, _____________, _____________, ___________, _______________, and ________________.
10. ____________ specifies the measure of risk in terms of both qualitative and quantitative estimations, while _________________ involves the comparing and prioritization of risk level based on risk-evaluation criteria and risk-acceptance criteria.
11. Common risks to IT architectures and components include: _____________________, ____________________, ___________________, _____________________, ____________________, ___________________, and _____________________.
12. In using Cascarinos Cube, the intention is to determine whether the accumulation of controls intended to mitigate a particular risk to a particular component, would be adequate to:______________________________________________.
13. If the controls identified and located in the Cube function as intended, management may gain the assurance that risk is being controlled to the desired level in an ___________ and __________ manner.
14. In gathering audit evidence, the auditor must ensure that it is _____________, _______________, _______________, and _____________.
15. Evidence derived from computations, comparisons to standards, past operations, and similar operations is known as ____________________ evidence
Step by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started