Risk avoidance and acceptance has been interchanged: Risk avoidance is a way for businesses to reduce their level of risk by not engaging in certain high-risk activities. While it's impossible to eliminate all risks, a risk avoidance strategy can help prevent some losses from happening. Accepting risk, or risk acceptance, occurs when a business or individual acknowledges that the potential loss from a risk is not great enough to warrant spending money to avoid it. Also known as "risk retention," it is an aspect of risk management commonly found in the business or investment fields.

You really have a gift for translating complex/thorny topics into everyday, easy-to-understand and how-to-apply practically terms! Thanks so much for sharing your wisdom with us, Sir

Great video, thank you for sharing

Excellent work sir! The way you breakdown the answers is amazing. Clear and precise. New to GRC and I’ve been trying to find different channels to learn and so far you’re on top of my list. Thanks again.

This is one of the finest videos I have seen for the reference of GRC interview. Really good job @Prabh🙏

Thank you, Guru Ji. More video's on consultant job interview questions would be beneficial.

Awesome content. Thanks Prabh

Very great content information. Please keep them coming

Great video! Keep doing more GRC series videos . We have less resources in the field of GRC and your channel is really helpful ! Thank you sir

Good stuff, thanks for the video. Subscribed.

Very Informative Prabh Nair, Thanks for posting!

Good explanation with perfect examples.tnqs for your lectures

This is a comprehensive overview. Very good. Thank you. I enjoy your content.

Most awaited video, waiting for more questions.

Thanks for the great explanation of GRC concepts

Amazing Video Specially Risk management part

So simple to follow and will look for more of your videos to watch

Sir: your video is one of the best in that topic. Thank you!

For now, this video is the best I have seen on GRC.

Excellent! Thank you! Prabh

Wow you break it down splendidly. Grateful

Good Explanation Prabh.....

Really and simplly explanation of the subject Gentleman.

Thanks Prabh, video was simple & informative.

Hi prabh thanks for making this video

Absolutely helpful, thank you

Very helpful. Your simplicity in demystify complex questions is commendable 😊

Great content. Thank you

Great job, more interview questions pls. 👍🏾

Excelllent one Prabh ...

Ultimate videos Prabh!! Anything for interviews of (ISO 27001:2013,SOC2,GDPR). Thanks.

This is really good, thank you.

Excellent video.

very helpful video..

Great video

Fantastic breakdown

Indeed, excellent and very well elaborated in simple words. Keep it up

Excellent explanation. Thanks!

thanks sir very well explained

Hey, love your channel! Clear and beautiful explanation:)❤

Quite Useful Video Prab

Amazing

Thanks Prabh, your content is helpful. I have watched your videos for the past few weeks, I would very humbly point out some English corrections for you to consider; 0:22 - "...some few questions". Here, you can say either some questions or you may say few questions, using both at the same time is not needed. 0:27 - "This video, I am making in a two parts". Here "a" can not be used, so you would say, I am making in two parts 0:46 - "you can refer my LinkedIn profile". Here you must add "to", so you should say, "you can refer refer to my LinkedIn profile.", furthermore, it would be even better if you replace "can" with "may". , so you would say, "You may refer to my LinkedIn profile" 0:50 - so without wasting "a" time. Here you should replace a with any because with time we use "any" and not "a", you should say, without wasting "any" time. The above is sample for the first minute of your video, hope this helps. thanks once again for your content.

Amazing!

It was very well curated. Thanks Prabh. In response to question 4 we may add knowing the interested parties, scope of organization, creating risk assessment and treatment plans. Then conducting risk assessment.

Thank you

Dear prabh sir, can you please make a coffee shot on difference between due diligence and due care .I am unable to grasp the core concept.

Great teaching. Do you organize training? I would love to join

Ultimate

Nice video ❤❤

Question: As a high level , we do risk assessment first or Threat Modelling, if need to place security from scratch?

Awesome

Please make one video how to conduct risk assessment 🙏🙏🙏

Hi Prabh, Cab you explain key differences between GLBA and SOX?

Hi Prabh, is the SSO password or login credentials of an individual categorised under privacy or secrecy? My understanding is that it can give unauthorised access to hackers to company's records and should be tagged as secrecy. Would request your views pls.

Hi Prabh Sir , You have not speak about the Risk Evaluation , can you explain Risk Evaluation with some example.

I was passed 12th 2018 and now I am BCA first year student so what can I do best for myself to easily I can Crack my GRC interview. And in my education carrier 3 year gap so it will effect to get a job.

How to break into the GRC field of Cybersecurity from other fields like network security etc ?

Are you provide classed for SAP access control and GRC consultant?

Hi Prabh, As usual great stuff and KT, It would be wonderful if you could also add examples based scenario, task, action and results. That will be great value to these sessions.

Where can we find some CyberSec GRC projects or work loads to work on?

plz create these types of questions for iso27001:2022

Hi prabh Sir , Small correction I think it should be second party is performed on supplier and not by supplier time frame 12: 21 to 23 . Please suggest I am right or wrong?

Hi pranha any requirement security Grc

that is cyber security Audit?

Can we have more questions Prabh in relation to GRC.

SOP- Is that Standard Operational procedure or Statement of Procedure?

Hello Sir, it was really a great video....👌👌👌👌 My only doubt is regarding Risk Acceptance.. it is something like accepting the risk of being the device vulnerable as they can't fix that due to xyz reason due to their application compatibility? Is that not right

I thought - SOP is Standard Operating Procedure

Why do we say risk cant be eliminated. If there is a risk of me falling down from the terrace of my building. I will eliminate the risk by locking the terrace with 50 locks and then throwing the keys in ocean. Will I ever fall from that building.??

Just five questions?

Audio quality is very poor(low) Prabh, Something to do at your end?

sound is very low on the video

Dear Friends, I have a question: 1/ Which department will be responsible for implementing compliance functionality in the GRC?. Thank you.

Voice is very feable

Perfect presentation