Which of the following risk management strategies should an enterprise adopt first if a legacy application is critical to business operations and there are preventative controls that are not yet implemented?
Which of the following risk management strategies should an enterprise adopt first if a legacy application is critical to business operations and there are preventative controls that are not yet implemented?
When a legacy application is critical to business operations, the primary objective should be to ensure its continued reliability and security. Mitigating risks involves implementing measures to reduce the potential impact of identified threats to an acceptable level. This can include actions such as patching vulnerabilities, applying compensating controls, segmenting the network, and hardening the application and its environment. This approach helps in securing the application's operation while allowing time to plan for more extensive measures if needed. Therefore, the appropriate risk management strategy to adopt first is to mitigate.
A. Mitigate When a legacy application is critical to business operations and there are preventative controls that are not yet implemented, the first risk management strategy an enterprise should adopt is to mitigate the risks. This involves implementing measures to reduce the risk to an acceptable level. Mitigation can include steps such as patching vulnerabilities, applying compensating controls, segmenting the network, and hardening the application and its environment. Therefore, the correct answer is: A. Mitigate
A. Mitigate