🔥 3-day streak
ISC2 CISSP — Certified Information Systems Security Professional89 / 129
Question 89 of 129
A newly formed startup has limited historical loss data and no budget for detailed financial modeling. The CISO must present a prioritized list of risks to the executive board within one week, ranking each risk by relative severity so leadership can decide where to focus early security investment. Which risk assessment approach is MOST appropriate for this situation?
Reviewed for accuracy · Report an issueNext question