CRISC IT Risk Assessment • Set 2
CRISC IT Risk Assessment Practice Test 2 — 15 questions with explanations. Free, no signup.
An organization has a legacy system that cannot be patched due to vendor end-of-life. The system processes non-critical data. The risk manager has determined that the likelihood of exploitation is low, but the impact would be high. Which risk response strategy is MOST appropriate?