richardk/iso27diy-corp
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Cleaned up Literature folder

Browse source
This commit is contained in:
Richard Kranendonk 2026-05-18 12:48:01 +02:00
parent 73a6380034
commit fe5eda4e05
586 changed files with 53911 additions and 2475 deletions
Download patch file Download diff file Expand all files Collapse all files

19
Corpus/Sparks/Risk treatment.md
View file

@ -1,19 +0,0 @@
The CISSP study guide gives the following 'Risk responses' in Domain 1 (§1.9.3):
- Reduce or mitigate implementation of safeguards and countermeasures to eliminate vulnerabilities or block threats
- Assign or transfer placement of the cost of loss onto another entity; insurance and outsourcing are common forms
- Accept analysis shows countermeasure costs would outweigh the possible cost of loss; also management has agreed to accept the consequences
- Deter implementing deterrents to would-be violators of security and policy
- Avoid selecting alternate options or activities that have less associated risk
- Reject or ignore unacceptable
PMP Concepts ([source](https://www.pmlearningsolutions.com/blog/announcement-ppm-launching-pmp-concept-learning-series)) lists "three proactive approaches to handling a negative risk":
* Avoid eliminate the risk
* Transfer shift the impact to a 3rd party
* Mitigate decrease the probability or impact
See also [Examples of Risk Avoidance](Information%20Security/Examples%20of%20Risk%20Avoidance.md).