Which of the following would BEST fulfill a board of directors' request for a concise overview of information security risk facing the business?
Which of the following would BEST fulfill a board of directors' request for a concise overview of information security risk facing the business?
A risk scenario summary provides a comprehensive yet concise summary of specific risks, their potential impact, and the likelihood of occurrence. This allows the board to understand the broader context of risk without getting lost in detailed data. While a risk heat map offers visual representation, it may not be as thorough in providing the contextual details needed for strategic decision-making.
A risk heat map is a powerful visualization tool used for Enterprise Risk Management (ERM).