The development of a risk response strategy is based on many factors including cost, culture, other projects, and available resources. You will first examine the factors that influence the risk response decision and how to ensure that the risk faced by the organization is within management defined limits. Next, you will cover the topics of inherent risk, data protection, and data encryption. Last, you will look at risk areas to consider in your organization. By the end of this course, you will be one step closer to being prepared for the ISACA CRISC certification examination.