🔥 3-day streak
ISC2 CCSP — Certified Cloud Security Professional47 / 124
Question 47 of 124

A financial services company migrates a customer-facing application to a public IaaS provider. After implementing all agreed technical and contractual controls, the risk assessment shows a small amount of remaining risk related to a rare provider outage scenario. The cost of further mitigation would exceed the projected loss, and the residual risk falls within the board-approved risk appetite. According to enterprise risk management principles, what is the appropriate next step for handling this remaining risk?

Reviewed for accuracy · Report an issueNext question