5-41. A  personal  data  security risk assessment benefits a command in all but which of the following ways? 1. 2. 3. 4. It saves money that might have been wasted on safeguards that do not  significantly  lower the overall data risks It ensures that additional  security safeguards help to counter all the serious personal  data  security risks It provides a basis for deciding  whether additional  security safeguards  are  needed for personal data It   considers   only   the risks to personal data 5-42 . Which of the following participants should NOT be included on the risk assessment  team? 1. A representative of the operating  facility 2. An  individual responsible  for  security 3. A  system  programmer 4. A systems analyst 5-43. Data may be misrouted, mis- labeled,    or it may contain unexpected  personal information as a result of which of the following data security risks? 1. Input errors 2. Program errors 3. Improper data dissemination 4. Mistaken  processing  of data 5-44. When  security  measures  to adequately  control  system access to personal data are developed, they  should include protection from all except which of the following risks? 1. Dial-in  access 2. Open system access 3. Physical  destruction  of the AIS 4. Unprotected  files  and theft of data 5-45. Commands  designing  large computer  networks  should consider which of the following risks early in the planning  stages? 1. Eavesdropping  only 2. Misidentified  access  and eavesdropping  only 3. Operating  system  flaws and  subverting  programs only 4. Misidentified  access, eavesdropping,   operating systems  flaws, subverting  programs,  and spoofing 5-46. Information  management practices  include  all  but which  of  the  following activities? 1. 2. 3. 4. Data collection, validation,  and transformation Information   processing or  handling Information  control, display,  and presentation Managerial   determination of the need and use of the  information 48