A financial services company has historically maintained a very conservative security posture, prioritizing stability over innovation. Recently, executive leadership decided to launch a new fintech platform to attract a younger demographic. This new venture uses cutting-edge technologies that are considered higher risk. This strategic shift will MOST likely require a direct reassessment of which of the following?
The correct answer is risk tolerance. Risk tolerance is the degree of risk or uncertainty an organization is willing to accept in pursuit of its objectives. When a company's strategic goals shift, as in this scenario from a conservative posture to an aggressive growth strategy, its willingness to take on risk (its risk tolerance) must be re-evaluated. The new fintech platform represents a higher-risk, higher-reward initiative, which necessitates a change in the company's established risk tolerance. The Recovery Point Objective (RPO) and Annualized Rate of Occurrence (ARO) are metrics used within risk management, but they do not represent the organization's overall willingness to accept risk. An Acceptable Use Policy (AUP) defines rules for technology use and would likely be updated, but the primary, high-level concept that needs reassessment due to a major strategic change is the overall risk tolerance.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What factors can cause a company's risk tolerance to change?
Open an interactive chat with Bash
How often should a company reassess its risk tolerance?
Open an interactive chat with Bash
What are the consequences of not updating risk tolerance?