Certified in the Governance of Enterprise IT (CGEIT) — Question 57

The risk committee is overwhelmed by the number of false positives included in risk reports. What action would BEST address this situation?

Answer options

• A. Evaluate key risk indicators.
• B. Adjust IT balanced scorecard.
• C. Conduct a risk assessment.
• D. Change the reporting format.

Correct answer: C

Explanation

Conducting a risk assessment is the best approach to identify and mitigate false positives within risk reports by thoroughly analyzing the risks involved. The other options, while relevant, do not directly address the core issue of excessive false positives and may not lead to significant improvements in report accuracy.