From the course: ISC2 Health Care Information Security and Privacy Practitioner (HCISSP) Cert Prep
Unlock this course with a free trial
Join today to access over 23,200 courses taught by industry experts.
Risk response
From the course: ISC2 Health Care Information Security and Privacy Practitioner (HCISSP) Cert Prep
Risk response
Hello again and welcome to the HCISPP certification course with Cybrary. Risk Response. My name is Schlaine Hutchins. Today we're going to cover risk acceptance, risk avoidance, risk mitigation, risk sharing or transfer. Risk acceptance is a response to an identified risk. When the risk is within the organization's risk tolerance. An accepted risk can be low, medium or high, depending on the situation. High risk should not be regularly accepted. They should be remediated. Critical risks must be addressed immediately and should never be accepted. Any time a risk is accepted, it should be appropriately documented with accountability for who is accepting the risk. Risks should only be accepted by senior leaders and/or business unit leaders. However, before any risk is accepted, it should be evaluated to ensure there are no downstream effects to other areas within the organization. Accepted risks should be reviewed on a periodic basis during the monitoring phase of the risk assessment…
Contents
-
-
-
-
-
-
-
-
(Locked)
Risk management, part 19m 42s
-
(Locked)
Risk management, part 26m 38s
-
(Locked)
Risk management frameworks8m 32s
-
(Locked)
Risk management process, part 16m 4s
-
(Locked)
Risk management process, part 27m 7s
-
(Locked)
Identify control assessment processes and procedures6m 41s
-
(Locked)
Risk assessment consistency, part 19m 42s
-
(Locked)
Risk assessment consistency, part 29m 19s
-
(Locked)
Controls to remediate risk9m 30s
-
(Locked)
Risk response6m 52s
-
(Locked)
-