Certified Chief Information Security Officer (CCISO) — Question 135

The primary purpose of a risk register is to:

Answer options

• A. Maintain a log of discovered risks
• B. Track individual risk assessments
• C. Develop plans for mitigating identified risks
• D. Coordinate the timing of scheduled risk assessments

Correct answer: A

Explanation

The correct answer is A, as the primary function of a risk register is to maintain a log of discovered risks, allowing for better tracking and management. Options B, C, and D, while relevant to risk management, describe secondary activities that involve analysis and planning rather than the core purpose of the risk register itself.