New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

ISC2 ISSAP Exam - Topic 4 Question 48 Discussion

Actual exam question for ISC2's ISSAP exam
Question #: 48
Topic #: 4
[All ISSAP Questions]

Your company is covered under a liability insurance policy, which provides various liability coverage for information security risks, including any physical damage of assets, hacking attacks, etc. Which of the following risk management techniques is your company using?

Show Suggested Answer Hide Answer
Suggested Answer: C

policy providing various liability coverage for information security risks, including any physical damage of assets, hacking attacks, etc., it means

it has transferred its security risks to the insurance company.

Answer option B is incorrect. Risk avoidance is the practice of not performing an activity that could carry risk. Avoidance may seem the answer

to all risks, but avoiding risks also means losing out on the potential gain that accepting (retaining) the risk may have allowed.

Answer option D is incorrect. Risk mitigation is the practice of reducing the severity of the loss or the likelihood of the loss from occurring.

Answer option A is incorrect. Risk acceptance is the practice of accepting certain risk(s), typically based on a business decision that may also

weigh the cost versus the benefit of dealing with the risk in another way.


by Brandon at May 09, 2022, 01:14 PM

Limited Time Offer

25%

Off

Get Premium ISSAP Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Jenise
4 months ago
Isn't risk acceptance just ignoring the problem?
upvoted 0 times
...
Nohemi
4 months ago
I think it's more about risk mitigation, not just transfer.
upvoted 0 times
...
Yuki
4 months ago
Wait, can we really rely on insurance for hacking?
upvoted 0 times
...
Celia
4 months ago
Definitely risk transfer, insurance covers that.
upvoted 0 times
...
Carlton
5 months ago
Sounds like risk transfer to me!
upvoted 0 times
...
Scarlet
5 months ago
I’m confused; I thought risk avoidance meant completely eliminating the risk, which doesn’t apply here since they still have potential liabilities.
upvoted 0 times
...
Deeanna
5 months ago
This question feels familiar; I think it could also relate to risk mitigation, but insurance seems more like transferring the risk.
upvoted 0 times
...
Misty
5 months ago
I'm not entirely sure, but I remember something about risk acceptance being when you just deal with the risks without any coverage.
upvoted 0 times
...
Salome
5 months ago
I think this might be about risk transfer since the company has insurance to cover potential losses.
upvoted 0 times
...
Cecilia
5 months ago
I feel pretty confident about this question. The key is to make sure the communication is clear, structured, and responsive to the needs of the business. Hitting all those points in the answer choices will be crucial.
upvoted 0 times
...
Elly
5 months ago
This question seems straightforward, I think I can handle it.
upvoted 0 times
...
Maryann
5 months ago
This is a tricky one, but I think the key is understanding what MLAG is and how it works. Let me think this through carefully.
upvoted 0 times
...
Estrella
5 months ago
Okay, I've got this. The key is to identify which of these statements the auditor would want the client to confirm as part of their written representations.
upvoted 0 times
...

Save Cancel