Pre-Winter Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: pass65

  1. Home
  2. Discussions
  3. CompTIA
  4. CompTIA CASP
  5. CAS-005 Discussions
  6. CAS-005 Exam Topic 4 Question 33 Discussion

CompTIA SecurityX Certification Exam CAS-005 Question # 33 Topic 4 Discussion

 CompTIA Discussions      Browse All Questions      Go to Exam Detail      Get Premium Access
 Previous
Next  

CompTIA SecurityX Certification Exam CAS-005 Question # 33 Topic 4 Discussion

CAS-005 Exam Topic 4 Question 33 Discussion:
Question #: 33
Topic #: 4

During a periodic internal audit, a company identifies a few new, critical security controls that are missing. The company has a mature risk management program in place, and the following requirements must be met:

The stakeholders should be able to see all the risks.

The risks need to have someone accountable for them.

Which of the following actions should the GRC analyst take next?
A.

Add the risk to the risk register and assign the owner and severity.

B.

Change the risk appetite and assign an owner to it.

C.

Mitigate the risk and change the status to accepted.

D.

Review the risk to decide whether to accept or reject it.

Get Premium CAS-005 Questions
Actual exam question for CompTIA CAS-005 exam by Vega1141 at Nov 3, 2025, 6:31:50 AM

Contribute your Thoughts:


Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.

Submit
 Previous
Next