ISC2 Systems Security Certified Practitioner (SSCP) Practice Question
A multinational retailer is moving several business applications to AWS. Leadership wants a single risk management framework that can be applied consistently across all global subsidiaries and business functions-not just IT-to define risk appetite, assign risk owners, and guide treatment decisions. Which framework best satisfies these requirements while remaining vendorâ and industryâagnostic?
NIST Risk Management Framework (SP 800-37)
Center for Internet Security (CIS) Critical Security Controls
ISO 31000 is an international, vendor-neutral standard that provides high-level principles and generic guidelines for enterprise-wide risk management. It is intended to be applied across any organization and business function, helping leadership establish context, assess, treat, and monitor risk while defining risk appetite and accountability.
NIST's Risk Management Framework is detailed but scoped to U.S. federal information systems and primarily technology focused. COBIT concentrates on governance and management of enterprise IT, not the entire business risk landscape. The CIS Controls are a prescriptive set of cybersecurity practices rather than a holistic risk management framework. Therefore, ISO 31000 is the most appropriate choice for a global retailer seeking a comprehensive, organization-wide approach.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is ISO 31000 and why is it vendor-neutral?
Open an interactive chat with Bash
How does ISO 31000 compare to the NIST Risk Management Framework?
Open an interactive chat with Bash
Why is COBIT 2019 not suitable for enterprise-wide risk management beyond IT?
Open an interactive chat with Bash
ISC2 Systems Security Certified Practitioner (SSCP)
Risk Identification, Monitoring and Analysis
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99 $11.99
$11.99/mo
Billed monthly, Cancel any time.
$19.99 after promotion ends
3 Month Pass
$44.99 $26.99
$8.99/mo
One time purchase of $26.99, Does not auto-renew.
$44.99 after promotion ends
Save $18!
MOST POPULAR
Annual Pass
$119.99 $71.99
$5.99/mo
One time purchase of $71.99, Does not auto-renew.
$119.99 after promotion ends
Save $48!
BEST DEAL
Lifetime Pass
$189.99 $113.99
One time purchase, Good for life.
Save $76!
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .