Across
- 2. Organization's willingness to accept risk
- 3. identifies applicable regulatory requirements regarding information security
- 5. Used to evaluate and document process maturity for a given area
- 6. risk mitigation strategy designed to reduce/eliminate threat
- 8. Level of risk after security measures are applied
Down
- 1. Systematic evidence based evaluation
- 4. Process of managing, directing, controlling and influencing organizational decisions, actions and behaviours
- 5. Provides expert leadership
- 6. Risk assessment methodology
- 7. Assigning risk