CRISC - Risk Response and Reporting - Section 3.2
Develop risk treatment plans that assign actions, resources and timelines to bring risk within tolerance.
Develop risk treatment plans that assign a risk owner, define remediation timelines, and allocate the resources required to bring residual risk within tolerance. Distinguish a treatment plan from a simple action list by its accountability structure and formal acceptance milestones.
Risk treatment planAction planRisk ownerRemediation timeline
More in this domain
Back to all Risk Response and Reporting objectives, or the CRISC cert hub.
Examworthy is not affiliated with or endorsed by ISACA. Original, blueprint-aligned practice material only.