Risk Treatment/Risk Response OptionsRisk MitigationRisk Sharing/TransferringRisk AvoidanceRisk AcceptanceKey Aspects from the CISM Exam PerspectivePractice Question Set 1Risk Ownership and AccountabilityKey Aspects from the CISM Exam PerspectivePractice Question Set 2Risk Monitoring and CommunicationRisk ReportingKey Risk IndicatorsReporting Significant Changes in RiskKey Aspects from the CISM Exam PerspectivePractice Question Set 3Implementing Risk ManagementRisk Management ProcessIntegrating Risk Management into Business ProcessesPrioritization of Risk ResponseDefining a Risk Management FrameworkDefining the External and Internal EnvironmentDetermining the Risk Management ContextGap AnalysisCost-Benefit AnalysisOther Kinds of Organizational SupportKey Aspects from the CISM Exam PerspectivePractice Question Set 4Change ManagementObjectives of Change ManagementApproval from the System OwnerRegression TestingInvolvement of the Security TeamPreventive ControlsKey Aspects from the CISM Exam PerspectivePractice Question Set 5Patch ManagementKey Aspects from the CISM Exam PerspectivePractice Question Set 6Operational Risk ManagementRecovery Time ObjectiveRecovery Point ObjectiveDifference between RTO and RPORTO and RPO for Critical SystemsRTO, RPO, and Maintenance CostsRTO, RPO, and Disaster ToleranceRTO, RPO, and BIAService Delivery ObjectiveMaximum Tolerable OutageAllowable Interruption WindowPractice Question Set 7Risk Management Integration with Life CycleSystem Development Life CycleKey Aspects from the CISM Exam PerspectivePractice Question Set 8SummaryRevision Questions