This quiz is part of Building a risk-based compliance program
, a lesson in SearchSecurity.com's Compliance School. Visit the Building a risk-based compliance program lesson page for additional learning resources.
If you answered two or more questions incorrectly, revisit the materials from the lesson Building a risk-based compliance program:
Video: Making risk standards work for you
Tip: How to apply ISO 27002 to PCI DSS compliance
Podcast: Fact or fiction: Involving end users in the compliance program
If you answered four or more questions correctly, return to SearchSecurity.com's Compliance School and begin another lesson, or try another school in SearchSecurity.com's Security School Course Catalog.
This was last published in January 2008
Dig Deeper on Risk assessments, metrics and frameworks