Learning Units Learning Unit 2: The risk management lifecycle

Edit Answers
12345678910111213
Across
  1. 3. attempts to define what the estimated risk actually means to people concerned with or affected by the risk. A large part of this evaluation will be the consideration of how people perceive risks.
  2. 4. in cyber security refers to any weakness in an information system, system processes, or internal controls of an organization.
  3. 6. is the structured process used to identify the sources of currency risk and to define the goals of a hedging program aimed at eliminating or minimising the impact of this risk.
  4. 9. is assessing the risks involved in the daily activities of a business and classifying them (low, medium, high risk) based on the impact on the business. It enables a business to look for control measures that would help in curing or mitigating the impact of the risk and, in some cases negating the risk altogether.
  5. 13. also provide an organization with the necessary knowledge, awareness and risk backgrounds to understand and react to threats to its environment.
Down
  1. 1. is the practice of reducing the impact of potential risks by developing a plan to manage, eliminate, or limit setbacks as much as possible. After management creates and carries out the plan, they'll monitor progress and assess whether or not they need to modify any actions if necessary.
  2. 2. is the process of determining the criticality of business activities and associated resource requirements to ensure operational resilience and continuity of operations during and after a business disruption.
  3. 5. is the possibility of something bad happening. ________ involves uncertainty about the effects/implications of an activity with respect to something that humans value, often focusing on negative, undesirable consequences.
  4. 7. in computer security, a _____________ is a potential negative action or event facilitated by a vulnerability that results in an unwanted impact to a computer system or application.
  5. 8. is the identification, evaluation, and prioritization of risks followed by coordinated and economical application of resources to minimize, monitor, and control the probability or impact of unfortunate events or to maximize the realization of opportunities.
  6. 10. should be carried out by anyone who is trained and competent to do so; someone who understands the circumstances, the potential harm and the deviations.
  7. 11. recognizes the areas where you are not compliant with regard to laws, policies or regulations. The resources are at risk for exposure to malicious activity and/or for penalties issued due to non-compliance.
  8. 12. is the process of identifying and analyzing potential issues that could negatively impact key business initiatives or projects. This process is done in order to help organizations avoid or mitigate those risks.