answersLogoWhite

0


Want this question answered?

Be notified when an answer is posted

Add your answer:

Earn +20 pts
Q: Decision to accept risk should be?
Write your answer...
Submit
Still have questions?
magnify glass
imp
Related questions

The decision to accept risk should be made at the?

The decision to accept risk should be made at the appropriate level.


The decision to accept risk should be at what level?

The decision to accept risk should be made at the appropriate and correct level. For the United States Army, risk decisions should be made at the lowest level possible.


At what level should the decision to accept risk be made at?

The decision to accept risk should be made at the appropriate and correct level. For the United States Army, risk decisions should be made at the lowest level possible.


The decision to accept risk should be made at?

The decision to accept risk should be made at the appropriate level.


What level should the decision to accept risks be made at?

The decision to accept risk should be made at the appropriate and correct level. For the United States Army, risk decisions should be made at the lowest level possible.


The decision to accept risk should be made at what level in orm?

the appropriate level


What action should you not take if friends do not accept your decision to abstain from alcohol?

apologize to them


When should you heat shield a subordinate?

When they accept a necessary risk and it results in failure.


What is the risk decision?

A risk acceptance decision is one based on what constitutes an acceptable level of risk.


What is risk acceptance decision?

A risk acceptance decision is one based on what constitutes an acceptable level of risk.


What is a risk acceptable decision?

A decision based on what constitutes an acceptable level of risk


Can the DAA accept non-compliance of an IA control?

Yes - the DAA can accept non-compliance of an IA control. In doing so however, they accept the risk that comes with the non-compliance. Risk acceptance by the DAA is not just a matter of them deciding the risk is something the network should accept. They are held legally responsible for their decisions and can be prosecuted (with the potential for both fines and incarceration) for accepting risk that they should not have. As a consequence, the DAA will usually want to see the residual risk reduced to Low for the system or application. Any non-compliant controls should be mitigated and included in a Plan of Actions and Milestones for correction.