The University of Sydney Page 12The amount of resources allocated for security controls solely depends on the likelihood of breaches or vulnerabilities.–False–Beforeallocatingresources,aproperRiskanalysisshouldbeconductedtohaveanefficientriskmanagement.–Riskanalysisconsider–likelihoodofbreachesofvulnerabilities–theconsequences(e.g.,Insignificant,Moderate,...,Catastrophic)ofthevulnerabilitiestoassesstheirrisk.–Basedonthatassessment,anorganizationshoulddecidetheamountofresourcesallocatedforsecuritycontrolbecauseresourcescanbelimitedandshouldbemanagedproperlyforastablerunoftheorganization