Select the most appropriate level of responsibility for managing each of the following risks.

GHY is a listed company. Tom is GHY's CEO and Peter is its non-executive Chair of the Board. Tom and Peter both have substantial relevant business and industrial experience and both are believed to have considerable integrity. Tom and Peter quickly developed a good working relationship after Peter's appointment. They have become close friends.
Tom briefs Peter on every aspect of the business. Tom and Peter jointly agree the agenda for every board meeting and both agree on the manner in which matters will be presented to the board.
Taking account of the principles of good corporate governance, which of the following statements is correct?

B is a small retail bank that offers customers many on-the services B is keen to ensure sound security both to protect the bank's assets and also to safeguard customer privacy B's IT Security Manager has suggested that the bank should use two phase authentication for access to the on-line systems Which TWO of the following are examples of two phase authentication?

Which method of quantifying risk exposure can be used to calculate the maximum loss on a portfolio occurring within a period of time with a given probability?

ZZ is a data security company that is responsible for cyber security m a large shopping mall 21 uses Network Configuration Management (NCM) to assist it in meeting the various needs of the mall's user community.
Which THREE of the following are advantages provided by NCM?