Final answer:
An organization would use the mitigation risk management strategy to maintain a legacy system with known risks for operational purposes.
Step-by-step explanation:
An organization would use the mitigation risk management strategy to maintain a legacy system with known risks for operational purposes. Mitigation involves implementing measures to reduce the likelihood and impact of risks. In the context of a legacy system, this could include regular software updates, security patches, and backup systems in case of failure.
For example, if a legacy system has a known vulnerability that could be exploited by hackers, the organization can mitigate the risk by installing the latest security patches and regularly monitoring the system for any suspicious activity.
In contrast, acceptance would involve acknowledging the risks but choosing not to take any action; transference would involve transferring the risks to another party, such as outsourcing the operation of the legacy system to a third-party provider; and avoidance would involve avoiding the use of the legacy system altogether.