Cheers to success my friend!

@@Praizion I did pass my exam a few months ago. Although I have struggled with using it to go for bigger roles, a lot of has to do with some struggles in my personal life. So thank you.

Thank you. Glad you are benefiting from the videos.

Haha 😂 Good Man! 💪 You'll ace it with such great attitude 👍😜

Glad it was helpful! Best wishes on the test @jennyrosemond959!

Best wishes on the exam!

You are most welcome!

Thanks for your question Alex. This question is nuanced to indicate you are in execution and you need to MANAGE the risk effectively. Planning is long completed and this threat is a serious one because it is about CUSTOMER DATA! Pretty serious. Identifying more vulnerabilities is not the best option here. Instead, collaborate with experts who can do that and more. Here are some guidelines: When to Act Without Further Analysis: The decision to skip further analysis and directly implement risk mitigation strategies might be warranted in the following scenarios: Immediate Threats: If there's credible intelligence about an imminent threat, such as a notified exploit in software your project uses, it would be prudent to act immediately rather than engaging in a lengthy assessment. Regulatory Requirements: Sometimes, regulatory frameworks in industries like finance and healthcare dictate immediate action in response to identified risks, leaving minimal room for prolonged analysis. Previous Assessments: If recent assessments provide a clear understanding of the risks and vulnerabilities, and these have not substantially changed, it might be more effective to move directly to implementing or updating controls. So, the choice between further analysis and immediate action depends on the existing knowledge of the risk landscape and the dynamic nature of the threat environment. If the situation and its risks are well-understood, and the potential for immediate harm is high, acting swiftly on pre-determined risk response strategies is crucial. I know this stuff can be fuzzy but think about what solves the problem vs. what will require more steps. A does not help manage the risk but B does.

@@Praizion this is sooooo helpful, you rock Phill! Thank you so much for such a thorough response.

@@alexmangus1652 My pleasure! Glad it helps.

Mitigation actions are generally not removing scope. Mitigation actions generally do thing to reduce the risk without changing the scope. Avoidance is removing scope be it some or all. Removing all scope is the most drastic avoidance measure but not the only one. If every avoid strategy removed ALL the scope, there would be no project. This is the BEST answer. Avoidance involves change control action, mitigation may not.

Indeed @shajahanolimohd7960. If one can tackle these, it is good practice. Best wishes on the test.

Well done! It may be tougher than the actual test but great practice!