Which of the following would be the BEST metric for the IT risk management process?

Last Updated on December 23, 2021 by Admin

Which of the following would be the BEST metric for the IT risk management process?

  • Number of risk management action plans
  • Percentage of critical assets with budgeted remedial
  • Percentage of unresolved risk exposures
  • Number of security incidents identified
Explanation:
Percentage of unresolved risk exposures and the number of security incidents identified contribute to the IT risk management process, but the percentage of critical assets with budgeted remedial is the most indicative metric. Number of risk management action plans is not useful for assessing the quality of the process.