Which outcome describes that an organization-wide risk assessment is completed or an existing risk assessment is updated?

Study for the RMF Steps, Tasks, and Outcomes Test. Get ready for your exam with flashcards, multiple choice questions, and in-depth explanations. Master each step and outcome with ease!

Multiple Choice

Which outcome describes that an organization-wide risk assessment is completed or an existing risk assessment is updated?

Explanation:
In RMF practice, the starting phase centers on establishing a current view of risk across the organization. Completing an organization-wide risk assessment or updating an existing one creates the baseline you need to understand overall risk, guide control selection, and set the scope for authorization. That exact outcome is what the initial Prepare step aims to achieve, making it the best fit. The other statements describe outcomes from later activities: identifying common controls for inheritance relates to selecting controls; determining the authorization boundary concerns scoping what’s inside the authorization; and identifying the types of information processed to inform security categorization.

In RMF practice, the starting phase centers on establishing a current view of risk across the organization. Completing an organization-wide risk assessment or updating an existing one creates the baseline you need to understand overall risk, guide control selection, and set the scope for authorization. That exact outcome is what the initial Prepare step aims to achieve, making it the best fit.

The other statements describe outcomes from later activities: identifying common controls for inheritance relates to selecting controls; determining the authorization boundary concerns scoping what’s inside the authorization; and identifying the types of information processed to inform security categorization.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy