🔥 3-day streak
CompTIA SecurityX (CAS-005)80 / 120
Question 80 of 120

A newly hired CISO at a mid-size manufacturing firm is establishing an enterprise risk program. The board has requested a risk assessment of a proposed cloud migration, but the firm lacks historical loss data for cloud-related incidents and has limited time before the next board meeting. The CISO must produce a prioritized view of risks that stakeholders across engineering, legal, and finance can quickly understand and validate. Which risk assessment approach is MOST appropriate given these constraints?

Reviewed for accuracy · Report an issueNext question