MANAGEMENT

Detailed explanation-1: -Ideally, an organization would be prepared for all risks and threats and avoid them entirely. However, having a risk mitigation plan can help an organization prepare for the worst, acknowledging that some degree of damage will occur and having systems in place to confront that.

Detailed explanation-2: -The goal of risk mitigation is to reduce the likelihood of business or project risk, as well as to put strategies in place to monitor and respond to potential threats in the event they happen.

Detailed explanation-3: -Mitigating controls are the key to reducing threats to assets, in regards to risk management. These mitigating controls can be found within standards, such as ISO/IEC 27001, and suggest measures to take in order to reduce risk to an organization’s assets.

Detailed explanation-4: -Controls bring people, processes and technology together. These three pieces are crucial to building an effective governance, risk and compliance program. By building a culture of risk and adopting technology solutions, businesses can better develop processes and then define controls to cover risks.

Detailed explanation-5: -The aim of the risk assessment process is to evaluate hazards, then remove that hazard or minimize the level of its risk by adding control measures, as necessary.