SECURITY PROGRAM INTEGRATION PROFESSIONAL
CERTIFICATION (SPIPC)
What is the purpose of the asset assessment?
step of the risk management process? - ANSWER-• Identify assets
requiring protection and/or that are important to the organization and
to national security
• Identify undesirable events and expected impacts
• Prioritize assets based on consequences of loss
What is the purpose of the threat assessment
step of the risk management process? - ANSWER-• Determine threats
to identified assets
• Assess intent and capability of identified threats
• Assess current threat level for the identified assets
What is the purpose of the vulnerability
assessment step of the risk management
process? - ANSWER-• Identify existing countermeasures and their level
of effectiveness in reducing vulnerabilities
• Identify potential vulnerabilities related to identified assets and their
undesirable events
• Identify current vulnerability level for the identified assets that can be
exploited by the identified threats
What is the purpose of the risk assessment step of the risk
management process? - ANSWER-• Integrate information about the
impact of undesirable events (collected during the asset assessment