After identifying a threat, a company has decided to implement a patch management program to remediate vulnerabilities. Which of the following risk management principles is the company exercising?
After identifying a threat, a company has decided to implement a patch management program to remediate vulnerabilities. Which of the following risk management principles is the company exercising?
When a company implements a patch management program to remediate vulnerabilities, it is taking steps to reduce the risk associated with those vulnerabilities. This process of reducing risk is known as mitigation. Therefore, the company is exercising the risk management principle of 'Mitigate'.
It seems the most logical option In this case, the company is taking steps to reduce the risk of security vulnerabilities by patching and addressing them, thereby mitigating the potential harm or damage that could result from those vulnerabilities.
C is correct
C) mitigate A patch management program is being implemented to patch, or fix the vulnerabilities. This reduces the risk. In other words, mitigates.