Which item is not typically part of Domain 2 Risk Management?

Prepare for the Internal Auditing Standards and Practices - Cybersecurity Test. Gain confidence with multiple choice questions and clear explanations. Ace your exam!

Multiple Choice

Which item is not typically part of Domain 2 Risk Management?

Explanation:
Domain 2 Risk Management centers on identifying what you have, evaluating the threats and vulnerabilities those assets face, and continuously watching to see how risk levels change. A security operations center stands apart because it’s an operational capability focused on real-time security monitoring and incident response. It provides the data and visibility that risk management needs, but the SOC’s purpose is to monitor, detect, and respond to security events, not to conduct the risk assessment and ongoing risk posture activities themselves. In contrast, asset identification establishes what needs protection, threat assessment analyzes likely harms to those assets, and monitoring tracks risk indicators and control effectiveness over time. Those are the activities that form the risk-management process, whereas the SOC supports those activities by delivering ongoing visibility and event handling.

