Tier 2 of the 3-tiered risk management approach addresses risk-related concern at which level?

Enhance your preparation for the Federal IT Security Professional Test. Use quizzes, flashcards, and detailed explanations to ensure success. Stay ahead in the field of IT Security!

Multiple Choice

Tier 2 of the 3-tiered risk management approach addresses risk-related concern at which level?

Explanation:
Tier 2 concentrates on risk from the perspective of the organization’s mission and its business processes. It asks how security and risk decisions affect how the enterprise actually operates to achieve its objectives, including key workflows, data flows, and interdependencies across processes and systems. This level sits between high-level governance (Tier 1) and the specifics of individual systems (Tier 3), so it’s the appropriate focus for risk concerns that impact how the mission is carried out. The other levels address different scopes—an individual system or the underlying IT infrastructure (Tier 3) and governance at the organizational level (Tier 1)—which is why Mission/Business Process is the best fit.

Tier 2 concentrates on risk from the perspective of the organization’s mission and its business processes. It asks how security and risk decisions affect how the enterprise actually operates to achieve its objectives, including key workflows, data flows, and interdependencies across processes and systems. This level sits between high-level governance (Tier 1) and the specifics of individual systems (Tier 3), so it’s the appropriate focus for risk concerns that impact how the mission is carried out. The other levels address different scopes—an individual system or the underlying IT infrastructure (Tier 3) and governance at the organizational level (Tier 1)—which is why Mission/Business Process is the best fit.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy