Prime Learning

Cross-certification domain

Risk Management: what it covers and how to prepare

Risk management connects threats, vulnerabilities, likelihood, impact, controls, ownership, and business priorities so decisions can be made consistently.
Browse certifications Study resources

What this domain covers

Risk management connects threats, vulnerabilities, likelihood, impact, controls, ownership, and business priorities so decisions can be made consistently.

  • Risk identification and assessment
  • Treatment and control selection
  • Governance and ownership
  • Third-party risk
  • Metrics and reporting

Why it matters

Certification scenarios often ask for the best action under constraints. A risk-based answer considers business objectives, legal and contractual duties, control effectiveness, and residual risk.

How to prepare

Learn the provider's risk vocabulary, then work through scenarios that require treatment, acceptance, transfer, avoidance, control selection, reporting, or escalation. Explain who owns the decision and what evidence supports it.

Related certification

Security+

Review the provider-specific Security+ blueprint to see how risk management is defined and weighted.

Related certification

CISM

Review the provider-specific CISM blueprint to see how risk management is defined and weighted.

Related certification

CISSP

Review the provider-specific CISSP blueprint to see how risk management is defined and weighted.