1. What is security risk? Can you distinguish acceptable and unacceptable risk?
2. What is the action plan in terms of risk management?
3. How many types of risk in association with security context? How do you identify and incorporate into planning processes?
4. What is treatment option? Who will research, clarify and approve it?
5. In development of security risk management plan, how do you identify management requirements?
6. Why do you have to present the risk management plan to your client?
7. Give examples of resources, equipment and materials to assist plan implementation.
8. How do you confirm and maintain confidentiality requirements in accordance with client and organizational requirements?
9. What is treatment option in terms of risk management?
10. Why do you provide feedback to relevant personnel?