Question

The finance department has started to use a new payment system that requires strict PII security restrictions on various network devices. The company decides to enforce the restrictions and configure all devices appropriately.

Which of the following risk response strategies is being used?

A. Avoid
B. Mitigate
C. Transfer
D. Accept

Answer 1

The company is using a risk response strategy of mitigation by enforcing PII security restrictions to reduce the risk to personally identifiable information within the new payment system.

Step-by-step explanation:

The finance department's decision to enforce strict PII security restrictions on various network devices to use a new payment system represents the risk response strategy of mitigation. When an organization takes steps to reduce the impact and likelihood of a risk, this is known as mitigating the risk. In this scenario, by configuring all devices with appropriate security measures, the company is proactively reducing the threat of personally identifiable information (PII) which is a common risk in financial operations.