Question 100
Main Page
The ISO 27005 risk assessment includes a step to evaluate consequences and incident likelihood. What is the output of this step?
A. Threat signatures
B. A prioritized list of security controls
C. Risk values assigned to identified scenarios
D. A communication matrix